News: NYAG calls Bitfinex out, Bitfunder founder off to jail, Roubini pissed at Bitmex

A few people asked me where I’ve been lately. I’ve been working! I recently started a full time job. I’m the editor of a website about ATM machines. I recently wrote Spanish authorities: bitcoin ATMs expose hole in AML laws” and Bitcoin ATMs: Why Vancouver doesn’t want them.” (By the way, if you are curious how criminals use bitcoin ATMs to clean money, this moneylaunder.com article does a nice job of explaining the process.) 

I also write a newsletter on money. You should sign up for it

On to the news — 

Much ado about exchanges

Crypto exchange Bitfinex is doing a lot more business in New York than it’s led us all to believe. The NYAG’s recent court filings — a Memorandum of Law and an affirmation from assistant Attorney General Brian Whitehurst, along with 28 pieces of evidence — reveal a full picture of the company’s dealings in the state.  

Why does it matter? Because his means NYAG has jurisdiction to push ahead with its investigation into Bitfinex and Tether’s ongoing shenanigans. Decrypt’s Ben Munster also points out that Bitfinex “loaned tethers to a New York trading firm.” There’s an open question as to whether the funds were ever paid back.  

Also, Bennet Tomlin had a good thread on the NYAG’s filing.

By the way, there are now nearly $3.9 billion tether sloshing around in the markets, pushing up the price of bitcoin, which briefly crested $13,000 on July 10. 

I nearly missed this bit of news from a few weeks ago: Ireland-based cryptocurrency exchange Bitsane went poof!, leaving its 246,000 users high and dry. Users began having issues withdrawing crypto from the exchange in May. And on June 17, the exchange’s website along with its twitter and facebook accounts vanished.  

Bitmarket, the second largest Polish crypto exchange, has shut down citing a loss of liquidity. Approximately 1,300 bitcoin are stuck on the exchange, and users are rightfully pissed off. They have formed a Facebook group and are planning a class-action lawsuit. The exchange was acting goofy before the shutdown. Reddit user u/OdoBanks says users were asked to change passwords and provide additional KYC for withdrawals.

Founder of bitcoin stock exchange Bitfunder will be spending 14 months behind bars for lying to the SEC about a hack that cost clients 6,000 BTC. Instead of telling his customers the truth in 2013, operator Jon Montroll misappropriated funds to hide the losses.  

Cryptocurrency exchange hacks don’t happen too often — only once every few weeks. Japan’s Bitpoint is the latest to make headlines. The exchange’s hot wallets were hacked to the tune of $32 million worth of crypto, most of which were customer funds. On Monday, the exchange found another $2.3 million missing on exchanges “that use the trading system provided by Bitpoint Japan,” according to Japan Today

(Update, July 15, 11:30 a.m. EST — previously, I indicated Bitpoint located $2.3 of the missing funds, but actually the exchange found more money missing.)

Speaking of Japan, the country’s top regulator says 110 crypto exchanges are waiting for licenses right now. Under Japanese law, crypto exchanges need to register with the Financial Services Agency to operate in the country. As of now, there are only 19 licensed exchanges in Japan. The FSA has been slow to license after the Coincheck hack

Binance burned 808,888 of its native BNB tokens — about $24 million worth. This is the eighth burn of BNB coins, which are totally not a security. The price of the remaining BNB goes up every time there is a burn. Keep in mind, until any crypto is converted to fiat, its value is completely theoretical. 

Screen Shot 2019-07-14 at 11.26.10 PMBitMEX, the Hong Kong-based bitcoin derivatives exchange, has finally released the tapes (round 1 and 2) from its “Tangle In Taipei,” a July 3 debate between Bitmex CEO Arthur Hayes and NYU professor Nouriel Roubini. The two have been going at it online.

A man is suing Gemini — the NY exchange operated by the Winklevoss twins — after $240,000 was stolen from his money market account and wired to Gemini, where it was used to to purchase crypto on the exchange.  

Due to heightened oversight on online crypto exchanges, users are increasingly asked to fork over their IDs and addresses. The shift is giving peer-to-peer exchanges, which typically don’t impose such KYC checks, a boost, according to Bloomberg

Other interesting stuff

Founders of the Tezos crypto platform object to sharing emails between them regarding the Tezos “fundraiser” because they are married. Steven Palley has the full story

New York City’s Monroe College was hit with a ransomware attack that shutdown the college’s computer systems. The attackers want the college to fork over $2 million worth of bitcoin to free up the computers.  

President Trump blasted bitcoin on Twitter. He is no fan of Facebook’s Libra either. There’s only room in this country for one currency, and that’s the almighty dollar.

The Federal Trade Commission has fined Facebook a gobsmacking $5 billion for privacy violations. It’s the biggest fine in FTC’s history. Surprise, surprise, Facebook’s stock went up on the news. 

An angry mob burned down the home of a man behind bitcoin ponzi scheme in South Africa after he admitted all the money was gone. 

Finally, police in China cracked down on a cartel of illicit bitcoin miners who stole nearly $3 million worth of electricity. A local power company tipped off authorities after they noticed a peculiar surge in power use.  

News: Money laundering in real time, Binance has you covered, maybe, and Bitfinex ready to IEO with LEO

A lot is going on in cryptoland right now—most of it involves investigations, a New York Attorney General (NYAG) lawsuit and missing funds, but I don’t want to sound negative.

The destiny of all crypto exchanges is to be hacked, apparently. Last year, thieves stole $950 million worth of cryptocurrency from exchanges. So, in many ways, it’s not surprising to hear that Binance, the largest crypto exchange by volume, got hacked a second time.

Binance, all funds SAFU

Thieves looted more than 7,000 BTC from Binance in a single transaction. The hackers, however, are not free yet! They still need to move that $41 million worth of BTC into fiat,  a feat that typically requires layering funds into smaller and smaller amounts (generally using a script of some sort), moving it through coin mixers, and then funneling it through various exchanges until they can exit into cash. 

Thanks to blockchain, we can watch this money laundering happen real time. The first transaction out of Binance consisted of of 44 outputs. The hackers have since consolidated the bitcoin into seven addresses of mostly amounts. Now we wait.

After the hack, Binance suspended all deposits and withdrawals for seven days. Traders on the platform can’t dump their bitcoin—or their tether. If bitcoin were to crash, they would be trapped. Fortunately, bitcoin is not crashing—it’s pumping. As I write, bitcoin is now at $6,800, having shot up $1,000 within a week.

According to one expert, the boost is partially due to “a rare alignment of celestial bodies forged in an ancient supernova”—thus, number go up. Makes total sense to me.

Binance says it has an insurance policy—its SAFU fund—to cover losses on the exchange. Nobody knows for certain what is in that fund, because there has never been an outside audit, but Binance’s CEO CZ says they have enough bitcoin to cover the losses. Phew!

In a recent blog post, CZ also said the exchange is revamping its security measures, including its 2FA, API and withdrawal validation processes. Also, withdrawals and deposits should resume “early next week.”

Bitfinex’s legal woes

If you need to get up to speed with the Bitfinex and Tether saga, I covered the NYAG lawsuit in my previous newsletter. Robert-Jan den Haan also wrote a complete timeline of Bitfinex’s history with its third-party payment processor Crypto Capital.

We have podcasts, too. I discuss the Bitfinex drama with Sasha Hodder on HodlCast, and Robert talks about it with Laura Shin on her Unconfirmed podcast.

In response to the NYAG’s court order, Bitfinex submitted a motion to vacate. The NYAG filed an opposition, and Bitfinex responded. At a hearing on May 6, New York Supreme Court judge Joel M. Cohen called the preliminary injunction “amorphous and endless.” The prelim will stand, but he is giving both parties a week to sort it out.

Bitcoin was selling at a 6% premium on Bitfinex—a sign that traders are willing to pay more to get rid of their tether and get their funds off the exchange. The price of bitcoin on the exchange was so off-kilter that CoinMarketCap, a website that aggregates bitcoin pricing from top exchanges, stopped pulling from Bitfinex.

The Bitfinex premium disappeared when Binance halted withdrawals on its platform, Larry Cermak doubts it has anything to do with Binance though. He thinks it’s because Bitfinex started processing cash withdrawals again.

Twitter user “Bitfinex’ed,” disagrees. When bitcoins and tethers are stuck on Binance,  that effectively reduces the supply and makes it that much easier to pump the market, he told me. He think prices will crash when Binance reopens withdrawals.

“I am lion, hear me roar”

Screen Shot 2019-05-10 at 9.39.37 PMBitfinex has a $851 million shortfall due to issues with Crypto Capital. How is it going to fix that? Here is an idea: Why not just print more money?

The exchange’s latest plan is a token sale, or exchange traded offering (ETO), on its own platform. It will be selling a new token LEO—as in lion.

Earlier this week, iFinex, the parent company of Bitfinex, released a white paper outlining the business proposition behind the token offering. Each LEO is worth 1 USDT, which is worth $1 USD. This is not the first time Bitfinex has issued a new token to pull itself out of a financial mess. (It created a BFX token after it was hacked in 2016.)

Bitfinex shareholder Dong Zhao told CoinDesk that iFinex has received hard and soft commitments of $1 billion for the token sale. Perfect. That should definitely eleviate all of Bitfinex’s money problems.

QuadrigaCX

Ernst & Young, the trustee for failed Canadian crypto exchange QuadrigaCX, released a preliminary report describing the company’s assets and liabilities. In a nut, Quadriga has US$21 million in assets, but owes creditors US$160 million.

Elsewhere

Recently, Negocie Coins, a crypto exchange that you probably have never heard of, rose to number three on CoinMarketCap’s top exchange’s list sorted by volume. How is this even possible? Clay Collins, founder of market data company Nomics, made a video, explaining how crypto exchanges use ticker stuffing and volume spamming to game the system.

FinCEN has released a new “interpretive  guidance” for money services businesses using cryptocurrency. If you are not sure if you are a money transmitter, David Gerard breaks it down for you. Sasha Hodder also covers the new guidance in Bitcoin Magazine. And there were several tweet storms—here, here, and here.

The FinCEN document has far reaching implications, such as, it appears Lightning Network (LN) operators qualify as money transmitters. Emin Gün Sirer says he is not surprised “given how similar LN is to hawala networks, and given the role hawala networks played in financing terrorism pre-9/11.”

The US banking committee is concerned about Facebook’s attempt at a cryptocurrency—Facebook coin—and how the social media giant is treating people’s’ financial information. It’s published an open letter with questions for Facebook.

Redditor u/BioBiro, who needed to acquire bitcoin for a totally legal purchase, complains about the rigamarole he had to go through. Among other things, “Now there’s two pictures of me and my driving license on their server for the rest of time, I guess.”

Consensus, CoinDesk’s big money maker conference, kicks off in New York next week. Last year it had 8,500 attendees, pulling in ~$17 million in ticket sales—and that’s before sponsorships. Arthur Hayes, CEO of bitcoin derivative exchange BitMEX, was one of several who rolled up to New York Hilton Midtown in a lambo.

# # #

My work is reader supported. If you’ve read this far, please consider becoming a patron

Binance hacked to the tune of $41 million, but no worries, funds are SAFU

Screen Shot 2019-05-07 at 10.22.41 PMBinance, the world’s largest crypto exchange by volume, and the world’s largest tether exchange, has been hacked.

The hackers drained the exchange’s hot wallets, taking 7,000 bitcoin, worth approximately $41 million, in a single transaction. The hack only amounted to 2% of the exchange’s total holdings. Everything else was in its offline cold wallets.

“All of our other wallets are secure and unharmed,” Binance CEO Changpeng Zhao (aka “CZ”) wrote in a blog post on Wednesday morning, May 8, Asia time. 

The stolen funds are visible in this transactionHours before the announcement, the exchange said it was undergoing maintenance.

CZ explained the hackers were able to obtain a large number of user API keys, two-factor authentication (2FA) codes, and “potentially other info.” 

To pull off the heist, hackers used a variety of techniques, including phishing, viruses and other attacks. “We are still concluding all possible methods used,” CZ said. “There may also be additional affected accounts that have not been identified yet.” 

In the meantime, Binance has suspended all customer deposits and withdrawals, but trades will continue. “Please also understand that the hackers may still control certain user accounts and may use those to influence prices,” CZ noted.

He explained that the the hackers had the patience to wait, and execute well-orchestrated actions through “multiple seemingly independent accounts at the most opportune time.”

The exchange will use its Secure Asset Fund for Users (SAFU) to cover the losses. In mid-2018, after an earlier hack, Binance began to allocate 10% of all trading fees received into the fund, as a way to insure against extreme losses. 

After being up for 29 hours, an exhausted CZ did a 37-minute Periscope stream to answer questions about the hack. “It’s one of those days,” he said. “Yeah, it’s been rough.”

What happened?

At this point, few details of the incident are public—and speculation is rampant. 

It appears the hackers were able to drain the exchange’s hot wallets without a manual authorization. Typically, large outbound transfers (often over 100 BTC) need to be manually vetted. For instance, crypto exchange Liquid, based in Tokyo, keeps 100% of its funds in cold storage and manually processes all withdrawals. It is a slower process for getting funds off an exchange, but more secure.

Cornell University professor and blockchain researcher Emin Gün Sirer thinks the Binance hackers knew the per-account limits, and used multiple compromised accounts to withdraw the entire hot wallet. “This shows how difficult it is to build secure services with our current coin infrastructure,” he told me. 

Gün was amazed at Binance’s decision to keep trading even though it doesn’t know the full extent of the hack or how many accounts were affected.

As he explained, “They know some 2FA has been compromised, but they don’t know which customer accounts are compromised—yet they enable trading.” In other words, someone could carry out risky trades in the next week, and if the trades lose money, they could say that their 2FA was compromised and the trades were unauthorized. 

“Continuing to trade in an unknown scenario opens them up to unlimited legal risk,” he tweeted“This is ballsy beyond belief.”

Freezing withdrawals

Binance is freezing withdrawals for a week—that means 188,000 Bitcoin are stuck on the platform—a move that could create an artificially restricted supply.

You can’t withdraw bitcoin off the exchange, but Binance itself—and insiders—can. This could allow a privileged few to take advantage of price differentials on other exchanges.  

“If you want to sell a lot of bitcoins onto the market, and capture as much liquidity as possible, you want to be the only one selling,” Twitter user Bitfinex’ed told me. “You don’t want other people selling to the same orders you want to sell to. Binance freezing withdrawals means those people are stuck there and can’t sell for real money.”

Previous hack

This isn’t the first time Binance has been hacked. It experienced another sophisticated hack in July 2018, where oddly enough, 7,000 BTC—the same amount of bitcoin as this recent hack—was also withdrawn and resulted in an “emergency maintenance.”

The earlier attack went something like this:

Syscoin (SYS)—a minor altcoin with a low volume and small order book — was hit by a hack caused by a bug in its wallet. The attackers then sent the ill-gotten SYS coins to Binance, where they created a torrent of buy orders via the Binance API. This pushed the price of SYS as high as 96 BTC, at one point. The hackers then withdrew the bitcoin, prompting Binance to cease trading and to reset all of its APIs.

The incident is what prompted Binance to create its SAFU insurance fund, which at the time, contained only Binance’s own BNB on-exchange token. Those who suffered a loss as a result of the hack, were compensated in BNB. It is not clear, however, if that will be the case this time. CZ says he has enough bitcoin to cover the loss. 

It is entirely possible the same hackers who pulled off this earlier hack were also the ones behind the recent hack. If so, who were they?

North Korea 

Screen Shot 2019-05-08 at 7.06.25 AMAnother source I spoke to—who did not want his identity revealed—said the recent hack has all the hallmarks of a sophisticated, multi-pronged attack that might be more the work of nation-state elements rather than your typical “lone hacker.”

He speculated that it was possible this was the work of APT 38, a covert cybercrime cell that specializes in financial institutions, and more recently, cryptocurrencies, to prop up North Korea’s economy. 

The group, according to cybersecurity firm FireEye, doesn’t operate by a quick smash-and-grab strategy typical of day-to-day cybercriminals, but with the patience and precision of a nation-state threat actor that has the time and tools to sit and wait for the perfect moment to launch an attack.

“APT 38 operators put significant effort into understanding their environments and ensuring successful deployment of tools against targeted systems,” FireEye experts wrote in a report. “The group has demonstrated a desire to maintain access to a victim environment for as long as necessary to understand the network layout, necessary permissions, and system technologies to achieve its goals.”

The Binance investigation is ongoing. I’ll update this post as more information surfaces

# # #