Share this article

Bitfinex has been thrust into the spotlight recently after a ransomware group, named “FSOCIETY,” claimed to have gained access to 2.5TB of the exchange’s data and the personal details of 400,000 users. In response to the allegations, Bitfinex CTO Paolo Ardoino clarified that the claims of a database hack appear to be “fake” and assured user funds remain secure.

FSOCIETY

Ardoino found out there were data discrepancies and user data mismatches in the hacker’s posts.

The hackers posted sample data containing 22,500 records of emails and passwords. However, according to Paolo, Bitfinex does not store plain-text passwords or two-factor authentication (2FA) secrets in clear text. Additionally, of the 22,500 emails in the leaked data, only 5,000 match Bitfinex users.

According to him, it could be a common issue in data security: users often reuse the same email and password across multiple sites, which might explain the presence of some Bitfinex-related emails in the dataset.

Another highlight is the lack of communication from the hackers. They did not contact Bitfinex directly to report this data breach or to negotiate, which is atypical behavior for ransomware attacks that typically involve some form of ransom demand or contact.

Moreover, information about the alleged hack was posted on April 25, but Bitfinex only became aware of the claim recently. Paolo said if there had been any genuine threat or demand, the hackers would have likely used Bitfinex’s bug bounty program or customer support channels to make contact, none of which occurred.

“The alleged hackers didn’t contact us. If they had any real information they would have asked a ramson through our bug bounty, customer support ticket etc. We couldn’t find any request,” wrote Ardoino.

Bitfinex has conducted a thorough analysis of its systems and, so far, has not found any evidence of a breach. Paolo said the team would continue to review and analyze all available data to ensure that nothing is overlooked in their security assessments.

After news of a potential breach surfaced, Shinoji Research, an X user, confirmed the authenticity of the leak. The user said he tried one of the passwords in the leaked information and received a 2FA.

However, at press time, he removed his post and corrected the previous information.

In a separate post on X, Ardoino suggested that the real motive behind the exaggerated breach claims is to sell the hacking tool to other potential scammers.

The idea is to generate buzz around these high-profile (Bitfinex, SBC Global, Rutgers, Coinmoma) hacks to promote their tool, which they allege can enable others to carry out similar attacks and…



Source link