Bitfinex Warns of Possible Hot Wallet Attack, Covering Losses

Monday, 25/05/2015 | 09:20 GMT by Leon Pick
  • Crypto exchange Bitfinex has warned that its hot wallet, used for the transfer and short-term storage of bitcoin, may have been compromised.
Bitfinex Warns of Possible Hot Wallet Attack, Covering Losses

Crypto Exchange Bitfinex has warned that its hot wallet, used for the transfer and short-term storage of bitcoins, may have been compromised. It stated in a note to clients:

"Dear Customer although we keep over 99.5% of users' BTC deposits in secure multisig wallets, the small remaining amount in coins in our hot wallet are theoretically vulnerable to attack. We believe that our hot wallet keys might have been compromised and ask that all of our customer cease depositing cryptocurrency to old deposits addresses. We are in the process of creating a new hot wallet and will advise within the next few hours. Although this incident is unfortunate, its scale is small and will be fully absorbed by the company. Thanks a lot for your patience and comprehension."

The exchange did not specify figures of the potential losses.

Bitfinex has the highest USD-based trading volume among all exchanges, based on figures from the past 6 months. Overall, it commands 7.35% of global volume during the same period, ranking it fourth behind China's "Big 3", OKCoin, Huobi and BTC China. Its numbers have slipped during the past 30 days, in part due to the recent incident.

Bitfinex has been making numerous upgrades to enhance and scale its offering, but it is not known if it used multisignature technology for its hot wallet. Peers in the trading space have been increasingly turning to multisignature wallet providers to vastly reduce the chances of successful attack.

Earlier this year, Bitstamp, another USD-Bitcoin exchange, reported losses equaling roughly $5 million in a hot wallet attack. The incident motivated it to make the switch to multisig, employing BitGo's services when it reopened for business.

Trading continues on Bitfinex, the exchange only warning about how to make deposits.

Crypto Exchange Bitfinex has warned that its hot wallet, used for the transfer and short-term storage of bitcoins, may have been compromised. It stated in a note to clients:

"Dear Customer although we keep over 99.5% of users' BTC deposits in secure multisig wallets, the small remaining amount in coins in our hot wallet are theoretically vulnerable to attack. We believe that our hot wallet keys might have been compromised and ask that all of our customer cease depositing cryptocurrency to old deposits addresses. We are in the process of creating a new hot wallet and will advise within the next few hours. Although this incident is unfortunate, its scale is small and will be fully absorbed by the company. Thanks a lot for your patience and comprehension."

The exchange did not specify figures of the potential losses.

Bitfinex has the highest USD-based trading volume among all exchanges, based on figures from the past 6 months. Overall, it commands 7.35% of global volume during the same period, ranking it fourth behind China's "Big 3", OKCoin, Huobi and BTC China. Its numbers have slipped during the past 30 days, in part due to the recent incident.

Bitfinex has been making numerous upgrades to enhance and scale its offering, but it is not known if it used multisignature technology for its hot wallet. Peers in the trading space have been increasingly turning to multisignature wallet providers to vastly reduce the chances of successful attack.

Earlier this year, Bitstamp, another USD-Bitcoin exchange, reported losses equaling roughly $5 million in a hot wallet attack. The incident motivated it to make the switch to multisig, employing BitGo's services when it reopened for business.

Trading continues on Bitfinex, the exchange only warning about how to make deposits.

About the Author: Leon Pick
Leon  Pick
  • 1998 Articles
  • 5 Followers
About the Author: Leon Pick
  • 1998 Articles
  • 5 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}