cryptocurrency blockchain bitcoin

Hackers move $760 million from the 2016 Bitfinex hack

More than $760 million worth of Bitcoin, stolen from cryptocurrency exchange Bitfinex in 2016, were moved on Wednesday to new accounts.

The funds were moved in tens of transactions ranging from 1 to as much as 1,200 bitcoin (BTC) at a time.

According to a summary of recent transactions put together by The Record using data from blockchain tracking services like Whale Alert and BTCparsers, the transferred sum ranges from 10057.5798 BTC (per Whale Alert) to 12230.08861 BTC (per BTCParsers).


The moved funds represent around 10% of the sum stolen from Bitfinex in a security breach that took place in August 2016, when hackers stole 119,756 BTC from the Hong Kong-based platform.

The money was only worth $67.47 million at the time, and they were never cashed out, as other cryptocurrency exchanges intervened to blacklist the attackers' addresses, preventing them from converting the stolen Bitcoin into fiat currency or another altcoin.

Because of this, the money has been mostly left sitting in the hackers' accounts for the past four and a half years and is now believed to be worth around $7.45 billion, making it the largest cash of stolen cryptocurrency still in existence today.

The timing and purpose of the transactions

"The fact that these transactions were sent all at the same time, in thousands of split up transactions to unknown wallets was very suspicious," a cryptoanalyst and blogger who goes by the name Mr. Whale told The Record on Wednesday.

"It's unclear exactly what the hackers are doing, but the timing was very odd. Taking place around the time Coinbase got listed on Nasdaq, and everyone was focused on that."

Currently, several blockchain experts believe that the funds are almost impossible to cash out and that hackers are using them to influence the Bitcoin-USD exchange rate by moving large quantities of funds, which usually tends to drop the exchange rate.

The hackers' plan appears to have been successful. The Bitcoin-USD exchange rate fell from $64k to around $62k last night after hackers moved $760 million.

According to technology expert Adam Cochran, this is also not the first time that hackers moved funds from the stolen 2016 Bitfinex hack cache to move the needle on the exchange rate and make a profit on the price fluctuation.

Per the Whale Alert account, similar movements of hundreds and thousands of Bitcoin have also been recorded in June, July, August, October, and November 2020, and June and August 2019.

However, Mr. Whale told The Record that they disagree with the general conclusion that the funds are unlaunderable.

"Considering many cryptocurrency exchanges are unregulated, I'm sure the hackers will find a way to convert it to fiat, and cash out. It's also speculated that they will potentially sell these Bitcoin's to a buyer willing to get them at a discounted price. This way they can both win," Mr. Whale told us.

Probably not a law enforcement action

Following the first movement of Bitfinex 2016 stolen funds, two Israeli citizens were arrested, believed to have been connected to the hack, although Israeli prosecutors never confirmed they were the actual individuals behind the breach.

Rumors that the funds were moved by law enforcement were also generally played down as speculation yesterday.

"This move was unlikely to be of law enforcement origin," Mr. Whale told The Record. "We haven't seen any announcement from them, and these funds were stolen so meticulously, it's unlikely the hackers got caught."

Blockchain analysis firm Chainalysis, which usually works with law enforcement agencies on these investigations, did not return multiple requests for comment.

Neither did Bitfinex.

In August 2020, the cryptocurrency exchange said it was willing to grant 30% of the stolen funds as a reward to anyone who'd help the company track down the hackers and return the stolen funds. At the time, the reward was valued at around $400 million. Now, the reward would be worth more than $2.2 billion.

Get more insights with the
Recorded Future
Intelligence Cloud.
Learn more.
No previous article
No new articles
Catalin Cimpanu

Catalin Cimpanu

is a cybersecurity reporter who previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.