Latest on ATNET:

#crypto-opsec #crypto-fundamentals
#crypto-trading-strategy #crypto-tools
NEW STRATEGY   Nft trading  · 09/04/21

ChrisJ (Bitfinex) on the Tether hack and Bitfinex transparency

Altcoin Trading Blog
10/15/21 · Reports

Note: This report was written in 2017 and remains published for reference purposes only.


A shortened transcript with the most important info from the session with timestamps to relevant parts of the footage
Crypto Trading Strategy - 5 Weeks of Onboarding Reads: Subscribe and select "All Posts" or "Strategy & Security" as your preference.
 

On December 3rd 2017, ChrisJ who works for Bitfinex talked on Whalepool TS about Bfx transparency issues, the recent Tether hack and more.

The Tether hack will need to be reported to law enforcement which was the reason why ChrisJ removed the warrant canaries from his Twitter account - an event that left people wondering whether Bitfinex is under subpoena.

The 51 minutes of footage from Whalepool is available on Youtube – by the way, it’s still alright at 1.5x speed.

Below a substantially shortened transcript of the most important info from the first part of the session with timestamps to relevant parts of the footage. Links of timestamps open in new tab.



Tether Hack

On the 19th November about 30.9 million USDT sent from Tether single-sig hot wallet.

  • What happened to the USD that were backing the stolen USDT? Nothing - The USDT were created before the backing money arrived, the Tethers were sitting in the treasury wallet waiting to be allocated. 00:59
  • Details of the hack, 02:13: The money didn’t belong to a customer, there are no customer damages – the tokens were unassigned and have been frozen 38:05
  • The hacker probably used a malicious binary, 02:23
  • The address of the Tether treasury wallet, 09:59 look for it in the text chat.
  • Why wasn’t the treasury wallet multisig? 10:49 It was a newly created wallet that wasn’t used as treasury before (or after) the hack. Normally, Tether storage is multisig but this particular address was single-sig. It is not known why it was single-sig.
  • The server was isolated from Bitfinex servers, 13:35, and set up by different dev team than the team that works on it now.
  • The server separation is also why the hacker couldn’t steal other cryptocurrencies. As a rule, different currencies live on different servers so that they can be updated easily and they don’t get poisoned from one another if there’s malicious code, 45:50.

Tether FUD

  • Flibbr suggest a live stream with someone from Bitfinex to show the money is in the bank accounts. 15:35 (Probably not possible - banks do not want that spotlight, people are bound by NDAs.)
  • Most of the Tether FUD is anecdotal, screenshots etc, not really evidence or proof … 22:15 … plapps suggests Bitfinex deals with it better in terms of PR because the crowds go too far with their conspiracies. ChrisJ calls for more ideas on how to clear this situation (how to prove the Tethers are backed by USD and do it in a way that is not damaging to Finex nor its customers) – but says he cannot keep up with the tons of twitter messages (@MrChrisEllis) he’s getting. If you have an idea, Disqus comments here below are open.
  • 35:05 Details of the Tether creation and USD backing - often, the entity that pays for the USDT creation is Bitfinex because of financing of a customer transaction via USDT. (Your USD balance on Bitfinex is not automatically USDT.)
  • Since the stolen Tethers were frozen, there can be a wild unfounded speculation that the hack was either a test or a stunt to make Tether look bad, 38:33.
  • 39:13 There are security updates for Tether underway.
  • ChrisJ calls for allowing the benefit of the doubt. 44:18

Latest Airdrops

FINN airdrop to token holders - snapshot 25-30 Oct
$FINN token holders will be airdropped up to 1000 $FINN tokens on November 1st. All airdrops must be claimed within 1 week via huckleberry.finance.
Vodra on CoinMarketCap (50k USD) - until 28 Oct
CoinMarketCap and Vodra are running an airdrop of airdrop 50,000 USD worth of Vodra Token to promote their upcoming IDO. To enter you need to add VDR to your CMC watchlist and follow them on all social media. Winners will be drawn on Oct 30.
Apricot Finance rewards (SOL) - from 19 Oct
Apricot finance launched its farming platform on 19th October and vaguely promises that early users will be retroactively rewarded for activity.