To briefly summarize in Tether’s words:

On November 20, 2017 Tether announces that the day before, they discovered that $30,950,010 was “improperly removed from the Tether treasury wallet through malicious action by an external attacker … sent to an unauthorized bitcoin address.”

16tg2RJuEPtZooy18Wxn2me2RhUdC94N7r

Tether responded by:

  • Flagging the stolen tokens: “will not be redeemable by Tether for USD”
  • Temporarily suspended their back-end wallet service
  • Released a temporary hard fork in the form of an update to Omni Core (Tether runs on top of) in order to lock up the stolen tokens and blacklist the associated wallet address. 

“These builds should prevent any movement of the stolen coins from the attacker’s address,” Tether said in its statement. “We strongly urge all Tether integrators to install this software immediately to prevent the coins from entering the ecosystem.”

It bears mentioning that Tether.to does not frequently put out new releases – the last time being several months ago. 

∗ Omni Core also has a revoke feature. Technically, an update is not necessary. 

Soon as I saw this announcement, I knew something was off. 

Why did the hacker not convert funds to XMR , BTC, or ETH the moment after the hack?

What little I have read about Tether always seemed sketchy, so I decided to dig. 

Red Flags Have Surrounded Tether From the Start

Tether is a Chinese company originally known as Realcoin that was somehow able to attach itself to the fiat currency of the Federal Reserve since 2015 without any kind of repercussion whatsoever.

Tether can also represent the Euro, and soon the Japanese Yen. Basically the top 3 failing paper fiat currencies experts continuously predict will crash, yet somehow have avoided hyperinflation since the birth of crypto-currencies.

Essentially the way Tether works is they hold the equivalent amount of US dollars to Tethers in a bank account, yet they have never provided any evidence of this money existing.

No one knows where Tether banks, or if they even have a bank. 

At the beginning of November, Tether had a market cap of $451 million. At the time of the hack, it showed just under $675 million on its transparency page – $224 million in twenty days … nearly $600 million total created out of thin air in the last 6 months.

It’s as if they can print the money they need (just like the Federal Reserve). 

Tether and Bitfinex Have Connections

The wallet address being targeted by Tether mentioned above is a Bitfinex wallet address

It was pointed out by the Federal Reserve‘s media outlet Coindesk that Tether and the exchange Bitfinex have a common owner and that “… the exchange has been using the asset to engage in fraud and market manipulation.”

This accusation may actually be verifiable. As one user on the BTC reddit points out:

Tethers are usually “printed” from here, sent to this address, then proceeds to feed directly into this Bitfinex address to fuel a very blatant BTC pump shortly after.

A day before the hack was announced, it was noticed that $30 million of USDT suddenly sat still:

A few days ago tether started printing millions at a rapid pace. The last issuance of 30 million did something different. Instead of immediately going to bitfinex, it stayed put.

Then two days later if finally moved …

At that exact moment, several noticed Tether’s transparency page indicated they were short $30,615,336.74 in covering their assets just before it went offline and the news of the hack came online. 

A well researched blogger by the name of Bitfinex’ed has compiled a list of unanswered questions, such as:

  • Why did Bitfinex inform a potential shareholder that “Bitfinex is not tether, we bank at the same banks”, when Bitfinex is a majority shareholder in Tether?
  • Why did Bitfinex base their equity valuation on their trading volumes and expected revenue, when Bitfinex knows their trading engine allows for wash trading against the same account? Why are orders allowed to match against the same account? This is also illegal.
  • Why is Tether, operating a money transmitter under an attorney trust account? This is illegal.
  • Are Tether funds coming from loans to Bitfinex/Tether I.e., Bitfinex/Tether borrows $30 million from a bank at 5–10%, loans them out on margin markets/buys bitcoin with it which rises faster.

I then came across an interesting theory behind Bitfinex and Tether.

In summary:

The primary purpose of Tethers is money laundering (more so than most cryptocurrencies). Bitfinex was cut off from the US financial system, which makes it impossible to clear USD wires. At the time, their clients had ∼$400 million USD on deposit with the exchange. Tethers was their solution: a cryptocurrency that was just good as the US dollar – usable on a handful of exchanges in buying BTC and other cryptocurrencies.

Bitfinex is essentially laundering money to support their exchange business. 

This is exactly what happened in the final months of Mt. Gox

There is actually no proof that anyone has ever deposited or redeemed a single cent to/from Bitfinex and Tether since April.

Bitfinex Was ‘Hacked’ Last August

Bitfinex was hacked last August, losing $72 million in customer funds. Instead of paying back these lost funds, they essentially created a ponzi scheme, and wiggled their way out of it.  

“The fastest way to get paid back, is to convert debt to shares and then sell your shares to another shareholder”.


– Bitfinex Chief Financial Officer, Giancarlo Devasini

The Hacker’s Wallet Has Been Used Before

A reddit user by the name of SpeedyflyChris did some amazing detective work, showing that whoever hacked Tether was the same person who hacked Bitstamp in 2015.

This same connection of addresses is also responsible for the creation of the Omni token called LionCoin.

So What Might Be the Real Story?

Although there are some interesting connections that suggest an inside job of money laundering … similar to Mt. Gox … there are many other speculations circulating that are worth noting, such as:

  • Bitfinex may have found the address of this frequent hacker and used their address as a place to dump money in order to make it looked like it was “hacked”.
  • There be an underground agency that will “hack” your exchange and move it to places where you can safely keep the money.

Whatever the real story may be, (and I am sure I have only scratched the surface) this is only the beginning of the corruption that is going to surface in the crypto-world – just like how it all went down during the dotcom era.