Tether was hacked by the same person who hacked Bitstamp in 2015 (x-post /r/cryptocurrency)

Decided to have a look at what we could learn about the Tether hack from the blockchain, the coins are still moving around so I may edit this later as this develops.

It actually starts with this wallet here:


Look familiar? Go to the last page, that was the wallet used to steal 19000BTC from Bitstamp back in January 2015 (and which was still receiving coins from Bitstamp as recently as September, well done guys).

This wallet made two transactions, the first is fairly innocuous but I'll come back to it later:


This address then sends out a further 0.01BTC:


The following morning it sends 0.01 to the address that was several hours later used to empty the Tether wallet:


I'm not quite sure why they would make a deposit like this to it hours before – perhaps to test that everything is working?

At 10:53, the wallet makes several transactions transferring 23 million tethers from the tether wallet:


Then at 11:10 they transfer another 7.9 million tethers. A further 50,000 tethers are transferred over at 11:54.

At 12:01, 5BTC (the bulk of the bitcoin in the tether wallet) is transferred over to the same address:


These tethers are then transferred over to the address in the Tether announcement as their relevant blocks are confirmed.


The 5BTC is also transferred to this address in amounts of roughly 1BTC per transaction:


Following the BTC along, you arrive back at an address from before, which is confirmed to be part of the wallet holding the stolen Tether:


It's worth noting that this same address was just used to create an Omni token called lioncoin:


The BTC from the tether wallet ended up in these addresses:




I will update this post as more develops.

Edit 1

This wallet from the Tether and Bitstamp hacks seems to be owned by the same person who took 8500BTC from Huobi in late 2015, interesting…


Before he was taking thousands of BTC off exchanges and sending it to BTC-e, he also used to sell much smaller amounts on Localbitcoins.




So Localbitcoins guys, if you have a log of who was using this address back in 2015, you've got the hacker 😉

Edit 2

So I was asked whether this could be an inside job.

Well, maybe? I don't think there's enough evidence from chain analysis alone to draw a conclusion.

Some of the transactions which funded the lioncoin address came from an old Bitfinex wallet, and some came from the bitstamp hack address. Bear in mind that this is part of the same wallet that the stolen tethers were sent to.

Also if you look at the tether address you'll notice that when other blocks of tether were released they were quickly transferred to the Bitfinex wallet, with this 30 million being the exception, that said in prior months they had regularly left millions of tether in this address for days at a time, so this isn't necessarily a red flag.

It could be that the attacker had access to the main tether issuance address (3MbYQMM etc) or it may just be that they noticed the 30 million tethers sat on the wallet that they could manipulate. Presumably Tether know whether or not they intended to make this transaction. Without knowing that we can only speculate on whether the compromise went beyond the address that was emptied.

submitted by /u/SpeedflyChris
[link] [comments]

Help Decode Wikileaks Message X-Post From /r/WhereIsAssange

" UPDATE https://twitter.com/kellykolisnik/status/800631422851510272

Kelly Kolisnik @kellykolisnik “He who controls the past controls the future. He who controls the present controls the past.” -George Orwell. #Orwell @WikiLeaks

Kelly Kolisnik of Wikileaks tweeted this about an hour after the the earlier version of this post.

Very possible this is a /Wink&Nod/ to indicate we are on the right trail

Blockchain is the key

Cabelgate ( http://www.righto.com/2014/02/ascii-bernanke-wikileaks-photographs.html )

Backup files found in blockchain. Wikileaks used special insert / withdraw tool.

Characteristics of suspicious transactions:

.0001 BTC to multiple created wallets

Transfers with abnormally high TRANSACTION COSTS, to ensure posting in case of unusually high volume

List of other suspicious transactions – u/Cpt9captain http://pastebin.com/j3VwksdW

https://tradeblock.com/bitcoin/tx/cc455ae816e6cdafdb58d54e35d4f46d860047458eacf1c7405dc634631c570d .0001 transfer FEE 291 BTC ($ 280,000 USD)

The answers are here, it is only a matter of isolating the data. Stay strong. Stay focused. This is history.



He who controls the past controls the future. He who controls the present controls the past. Today He dies.

It will be where the dead switch is released if it exists, and Julian confirms its use in VERIFYING PAST DUMPS. The odd behavior on behalf of Wikileaks Wallet pushed me to do some search into Wikileaks history with Bitcoin. After reading the chan posts about DMS / keyholders / wildcards, I noticed that most documented instances of Julian's discussion of BITCOIN/BLOCKCHAIN architecture always ended up relating to publishing and time verification. (two elements of a DMS). “Bitcoin is an extremely important innovation, but not in the way most people think. Bitcoin’s real innovation is a globally verifiable proof publishing at a certain time. The whole system is built on that concept and many other systems can also be built on it. The block chain nails down history, breaking Orwell’s dictum of ‘He who controls the present controls the past and he who controls the past controls the future’.” IF THERE IS A DMS IT WILL BE ACTIVATED VIA THE BLOCKCHAIN. moreover, IN THIS VIDEO ASSANGE DISCUSSES USING THE BLOCKCHAIN IN THE PAST FOR CRYTO VERIFICATION. https://www.youtube.com/watch?v=RSfZC_u1Fcg We must pour through WIKILEAKS Blockchain transaction history as their is most certainty new/and or undiscovered information/indicators. He knew the dark days would come, and there is no doubt in my mind the answers to the questions we have are answerable due to the breadcrumbs and canary left for us. #FreeJulian "

submitted by /u/WillWorkForLTC
[link] [comments]

Peter Thiel (member of President-Elect Trump’s Transition Team): “It becomes a threat to fiat money at a point where Bitcoin is encrypted in such a robust way that the tax authorities can’t break the encryption, can’t tell how much money you have, and what transactions you are doing.” [x-post]

Peter Thiel (member of President-Elect Trump's Transition Team): "It becomes a threat to fiat money at a point where Bitcoin is encrypted in such a robust way that the tax authorities can't break the encryption, can't tell how much money you have, and what transactions you are doing." [x-post] submitted by /u/eragmus
[link] [comments]