The Tether hack will need to be reported to law enforcement which was the reason why ChrisJ removed the warrant canaries from his Twitter account - an event that left people wondering whether Bitfinex is under subpoena.
The 51 minutes of footage from Whalepool is available on Youtube – by the way, it’s still alright at 1.5x speed.
Below a substantially shortened transcript of the most important info from the first part of the session with timestamps to relevant parts of the footage. Links of timestamps open in new tab.
On the 19th November about 30.9 million USDT sent from Tether single-sig hot wallet.
- What happened to the USD that were backing the stolen USDT? Nothing - The USDT were created before the backing money arrived, the Tethers were sitting in the treasury wallet waiting to be allocated. 00:59
- Details of the hack, 02:13: The money didn’t belong to a customer, there are no customer damages – the tokens were unassigned and have been frozen 38:05
- The hacker probably used a malicious binary, 02:23
- The address of the Tether treasury wallet, 09:59 look for it in the text chat.
- Why wasn’t the treasury wallet multisig? 10:49 It was a newly created wallet that wasn’t used as treasury before (or after) the hack. Normally, Tether storage is multisig but this particular address was single-sig. It is not known why it was single-sig.
- The server was isolated from Bitfinex servers, 13:35, and set up by different dev team than the team that works on it now.
- The server separation is also why the hacker couldn’t steal other cryptocurrencies. As a rule, different currencies live on different servers so that they can be updated easily and they don’t get poisoned from one another if there’s malicious code, 45:50.
- Flibbr suggest a live stream with someone from Bitfinex to show the money is in the bank accounts. 15:35 (Probably not possible - banks do not want that spotlight, people are bound by NDAs.)
- Most of the Tether FUD is anecdotal, screenshots etc, not really evidence or proof … 22:15 … plapps suggests Bitfinex deals with it better in terms of PR because the crowds go too far with their conspiracies. ChrisJ calls for more ideas on how to clear this situation (how to prove the Tethers are backed by USD and do it in a way that is not damaging to Finex nor its customers) – but says he cannot keep up with the tons of twitter messages (@MrChrisEllis) he’s getting. If you have an idea, Disqus comments here below are open.
- 35:05 Details of the Tether creation and USD backing - often, the entity that pays for the USDT creation is Bitfinex because of financing of a customer transaction via USDT. (Your USD balance on Bitfinex is not automatically USDT.)
- Since the stolen Tethers were frozen, there can be a wild unfounded speculation that the hack was either a test or a stunt to make Tether look bad, 38:33.
- 39:13 There are security updates for Tether underway.
- ChrisJ calls for allowing the benefit of the doubt. 44:18