Bitfinex, the behemoth exchange, reached out to hackers and whistle-blowers in an attempt to make good on 2016’s massive security breach.
A Colossal Bounty
This morning, Bitfiniex issued a statement with details of an award for information leading to the return of 119,755 bitcoin stolen in a 2016 hack. On August 2, 2016, Bitfinex found itself humiliated after a hacker stole millions of its users’ funds.
At the time, the loss was valued at around $72 million. However, as of writing, that value had ballooned to about $1.3 billion. Bitfinex offered up an apology:
We have learned valuable lessons from this painful episode, addressing the security issues and vulnerabilities associated with the theft.
In February 2019, Bitfinex recovered 27 bitcoin with the help of U.S. authorities, but the remainder of the funds remain elusive. Surprisingly, Bitfinex is offering 25% of the stolen money as a reward to the hackers themselves, should they come forward.
The company alternatively offered 5% of the funds for information leading to their recovery. This combined 30% is the basis of the $400 million in potential rewards. It’s hard to conclude whether this was born of realism or desperation, but the statement does not speak of amnesty.
Remembrance of Hacks Past
An award proportional to the amount of recovered bitcoin seems less than ideal. Nonetheless, considering Bitfinex’s murky history around stolen money, there are much deeper ironies. Bitfinex has long been associated with Tether (USDT), the gigantic stable coin that saw another 200 million USDT Printed in June.
Likewise, USDT has been mired in controversy. Its supply had already risen by about 70% since the start of July. Furthermore, speculation abounds that all 10 billion Tether may not be backed by actual U.S. dollars (as is claimed by the company). It’s possible that a huge liquidation could result in the uncovering of a scam.
Additionally, this is not the first accusation levied against Bitfinex for its use of Tether. In 2019, the New York State Attorney General accused Bitfinex of using Tether to cover up $850 million worth of stolen funds.
Though the two entities claim to be separate, the leaked paradise papers suggest that Bitfinex and Tether could be one and the same.
More Than Meets the Bitfinex Eye
As CGI artist Cypher pointed out on Twitter, offering a multi-million dollar reward is easy when you can print the currency. If Bitfinex and Tether are indeed the same, what stops them from printing the $400 million reward in USDT?
Theoretically, they could exchange it for fiat, or, more likely, send it over the blockchain. If the hackers themselves do come forward, they are unlikely to cash a check.
On the other hand, it’s possible the hackers could be investigated depending on whether or not Bitfinex is working with the authorities. In other words, the hackers may have more to lose should they come forward.
But do they have anything to gain? Well, because of the blockchain’s decentralized ledger, the funds are theoretically traceable, even if they remain anonymous. So even with $1.3 billion in hand, the hackers are essentially holding marked bills.
In addition, there is the off chance that the hackers could keep the $400 million reward. Authorities are unlikely to pursue and lock up the hackers, then let them keep the funds after they serve time.
It may be hard to negotiate, but if Bitfinex really wants the hackers to come forward, they are going to have negotiate immunity.
Recently, the thieves moved $28 million bitcoin from a wallet, so they are active again. Perhaps the transfer aroused Bitfinex to the possibility of reconciliation? It remains to be seen whether this new reward will lead to a clear resolution.