An Alleged Hacker Stole $30 Million In Cryptocurrency

Cryptocurrency startup Tether is in the middle of trying to figure out how to get the stolen tokens back, or at least make sure the hacker can’t spend them.

by Jordan Pearson
22 November 2017, 10:33pm

This article originally appeared on Motherboard.

Cryptocurrency startup Tether announced late on Monday night that an “external attacker” stole more than $30 million USD worth of digital money from the company.

Tether issues digital tokens backed by its own reserves of fiat money (one USDT token is equal to one dollar USD, for example) over a protocol called Omni that runs on the Bitcoin blockchain. The company is a major player in the cryptocurrency space, and several large exchanges have integrated Tether as a method of payment.

The alleged hack was due to “malicious actions by an external attacker,” the company said in a blog post on Tuesday, and saw the attacker steal just under $31 million USD worth of tokens.

“$30,950,010 USDT was removed from the Tether Treasury wallet on November 19, 2017 and sent to an unauthorized bitcoin address,” Tether’s blog post states. “As Tether is the issuer of the USDT managed asset, we will not redeem any of the stolen tokens, and we are in the process of attempting token recovery to prevent them from entering the broader ecosystem.”

According to the company, Tether is in the middle of trying to figure out how to get the stolen tokens back, or at least make sure the hacker can’t spend them. As a temporary fix, the company released new Omni software that essentially blacklists the attacker’s address. In other words, it’s a network update that censors one person’s wallet.

After the hack, Bitcoin’s price briefly dipped but quickly recovered, which likely just means that some caffeine-addled traders made a bit of money.

The Tether hack is the second high-profile cryptocurrency shenanigan already this week—on Sunday, an Ethereum startup that raised $374 thousand USD from investors simply vanished overnight.

“Tether issuances have not been affected by this attack, and all Tether tokens remain fully backed by assets in the Tether reserve,” the company stated in its blog post. Basically, Tether claims that even if some of its tokens are gone, it still has fiat in the bank to back the remaining assets.

However, Tether’s “Transparency” page, where the company lists its reserve assets to assure customers it can indeed back their tokens, is currently down for maintenance and links to the hack announcement.

Tether spokespeople were not immediately available for comment.