Finding Bitfinex’s Pinnig – BlockCypher Blog

Finding Bitfinex’s Pinnig – BlockCypher Blog

Following the Coin with BlockCypher’s Fresh Analytics Backend

When future historians and/or BuzzFeed writers invariably commence ranking “the worst weeks ter cryptocurrency,” this week might be up there. The Ethereum-Ethereum Classic fork clan proceeds and Bitcoin Got Gox’d™, this time at Bitfinex.

While Bitcoin remains resilient, every hacked exchange is a tragedy for exchange participants and the broader ecosystem. I personally hope the hacker is apprehended by suitable law enforcement and funds are recovered for everyone impacted.

The very first step toward recovery is following the money (something still possible on Bitcoin). Te that vein, and spil an exercise for BlockCypher’s growing Analytics toolset, our talented engineer Bryan Cheng built a query to surface the highest-value transactions used to steal Bitfinex funds.

Based on public skill about the attack, here are some of the characteristics that informed our query:

  • Wij filtered transactions with one multisig/P2SH input, and two outputs: one multisig/P2SH and one regular P2PKH (this is the BitGo toverfee payout scheme)
  • Wij knew the relative time framework of the attack
  • Wij knew the resulting P2PKH address (the likely attackers’) gets at least 99.9% of the value (a ballpark of BitGo’s volume-discounted fees)
  • To minimize noise and concentrate on high value accounts, wij filtered for transactions involving 10BTC and above

Here were the top results, including likely hacker addresses, transaction hashes, and value potentially stolen te satoshis vanaf transaction:

Related movie:


The highest value transaction is a whopping Two,038.76 BTC, presently worth about $1.Two million, signifying 1.7% of the total amount stolen:

For the nosey, you can find the utter results of the query here:

Related movie:


It’s possible there are some false positives ter this list, but it’s unlikely given the particular bounds of the query. However, wij do know that it’s not the finish list of addresses compromised.

If you sum the satoshis transferred from this more accomplish query, you wind up with 67,09,158,579,851 — or ter more colloquial terms, approximately 67,091.59 BTC. This falls brief of the utter 119,756 BTC Bitfinex admits wasgoed stolen, which suggests almost half the hack (harshly 52,484 BTC) wasgoed from P2SH addresses below our self-imposed 10BTC threshold. The hacked exchange deposits emerge to go after a power law distribution, which is not unexpected.

While thesis heists are getting rarer, they do still toebijten, and the contraptions to mitigate their harm — and prevent them — are getting better by the day. Bitcoin is still an antifragile sewer rat, and every hack against an endpoint is a lesson for everyone te the ecosystem.

2 comments

  1. At mij all spil does not work bitfinex, can be finite it and works at whom nibud, but at mij still is not present. Very strange of course, it’s more like they were hacked, but most likely I’m just mistaken.

  2. People that are startled are those who don’t yield to the advice that don’t leave your fund on exchanges. bitfinex iss one of the exchange I personally like and has scaled well ter latest month but the team need to be very security conscious because it is going to be target for hackers

Leave a Reply

Your email address will not be published. Required fields are marked *

*