Editor’s note (Feb. 9, 19:10 UTC): The original version of this article was written under the assumption that hackers were responsible for moving the coins. A week after publication, the U.S. Department of Justice announced it had seized $3.6 billion worth of bitcoin linked to the 2016 Bitfinex hack, and that law enforcement had gained access to the wallet on Jan. 31, the day before the exact amount of BTC (94,643.29) was observed moving on-chain. The article has been updated throughout to reflect the difficulty of attribution when analyzing on-chain activity.
Large amounts of bitcoin stolen from the cryptocurrency exchange Bitfinex six years ago were moved by unidentified parties early on Tuesday.
- "So far this morning, 94,643.29 bitcoins ($3.55 billion) have been moved in 23 transactions, from a wallet associated with a theft from Bitfinex in 2016, to a new address," blockchain analytics firm Elliptic said. These originate from a theft suffered by Bitfinex in 2016, the firm added.
- "It is unlikely that these funds will be cashed out any time soon. Funds from this hack have been slowly laundered for over five years now and cashing-out large volumes over a short period of time would draw unwanted attention," Elliptic said.
- The number of bitcoin transferred amounted to 79% of the total 119,756 bitcoins drained from Bitfinex in 2016, one of the biggest bitcoin hacks to date.
- Unidentified parties last moved the stolen bitcoin in April 2021, transferring over $700 million worth of coins to unknown wallets during the bull frenzy brought on by crypto exchange Coinbase's then impending listing on Nasdaq. According to Elliptic, the funds were laundered through darknet markets like Hydra and privacy-focused Wasabi wallet.
- Igor Data, CEO of Geneva-based BLIN Analytics, said Hydra and Wasabi might be used again.
- "Hydra breaks the link between the incident and further transactions, and Wasabi Wallet provides the necessary level of anonymization, including the ability to hide the connection not only to Bitfinex Hack but also to Hydra," Data said in a LinkedIn chat. "The hackers obviously use the automation tools to reduce the chance of error, which could lead to the hackers being caught."
- A movement of malicious funds usually raises suspicion of bad actors looking to cash out and spooks markets.
- As noted in April, most of the bitcoin associated with the Bitfinex hack is widely tracked and blacklisted. Thus, bad actors would have a tough time cashing out on prominent centralized exchanges.
- In other words, the latest movement of the hacked coins presents little downside risk to bitcoin. At press time, the cryptocurrency was trading largely unchanged on the day near $38,500.
UPDATE (Feb. 1, 10:39 UTC): Updates the figure in the headline and the text, adds comment from Elliptic.
UPDATE (Feb. 1, 11:17 UTC): Updates fourth bullet to say Whale Alert earlier reported on the transfers.
Update (Feb. 1, 11:57 UTC): Adds comments from BLIN Analytics.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.