Analysts believe that scammers spread the news to sell their hacking software

Bitfinex CTO denies claims about the leak of exchange users’ data

06.05.2024 - 12:48

151

3 min

What’s new? Paolo Ardoino, the CEO of Tether, a company issuing the USDT stablecoin issuer, and the CTO of the Bitfinex crypto exchange, has called the news about the Bitfinex user database leak a fake. Earlier, hackers posted a publicly available list of 22 500 logins and passwords supposedly associated with Bitfinex, but Ardoino noted that only 5000 email addresses are related to the exchange’s customers. “If that was part of our database we would expect 100% matching,” the senior executive explained.

Source: Twitter.com

What else is known? Ardoino further emphasized that Bitfinex does not store passwords themselves or secret phrases for two-factor authentication (2FA) as plain text. He denied claims of data leakage as a result of an internal investigation and assured users that their funds were safe.

The senior executive also noted that the hackers published the list of logins and passwords back on April 25, but since that time they have not tried to contact the exchange representatives for ransom or reward under the bug bounty program.

ссылкой-врезкой

According to Bitfinex experts, the database was gathered as a result of hacks on other crypto projects. “Most of users unfortunately use same email/passwords across multiple sites,” Ardoino noted, explaining why some passwords fit exchange accounts.

The Bitfinex database hack was reported by several sources, including Shinoji Research. The project analyst noted that some of the logins and passwords presented by the hackers were indeed associated with the exchange, and when entering them, 2FA was requested to complete authorization. However, he later admitted that the claim that the exchange had been hacked was incorrect and that the data was obtained from other leaks, as it gave access to accounts on other platforms, such as crypto market data aggregator CoinMarketCap.

Shinoji Research also added that matching logins to the exchange were placed at the top of the list, likely to create the appearance of its authenticity.

ссылкой-врезкой

Ardoino later posted an appeal by an anonymous analyst about the possible motives of the hackers. The one claims that by publishing the allegedly leaked Bitfinex database, they are trying to draw attention to their hacking software and its further sale to other attackers. “So it seems you are the clickbait to give this tool credence so the sellers of this tool can scam other scammers,” the analyst concluded.

Source: Twitter.com

“If they truly hacked Bitfinex, do they really need selling stuff for $299?,” concluded Ardoino.

Subscribe to Getblock Magazine and stay up to date with the latest news from the world of cryptocurrencies and the digital economy