Bitfinex to hacker: “Call Me Maybe”


In a bold move the Bitfinex exchange has decided to open negotiations with the hacker(s) who attacked them on August 2nd, 2016.

We would like to have the opportunity to securely communicate with you. It might be possible to reach a mutually agreeable arrangement in exchange for an enormous bug bounty.

While this may seem bizarre to pay money to your attackers, it has been successful before with the ~$230,000 in ShapeShift thefts earlier this year. While the amount is much smaller, the tactic is basically the same.

The press release outlines means of anonymous communication so the attacker may feel safe with their negotiations. If these negotiations are successful even in part it will mean Bitfinex can pay off their debts to both their investors and customers. In August they issued a ~36% haircut to all user accounts. Despite the protest of many, this was necessary to continue operations and allowed them to comply with regulatory oversight.

Overall volume at the exchange has dropped sharply due to the incident, and the price of bitcoin has not recovered from the ensuing fall from $660.

The recovery of funds would bring faith back for many of the customers as well as bolster the overall image of bitcoin. Many bitcoin traders are still feeling burned by the 2014 collapse of MtGox, and this recent theft has not been kind to the bitcoin community.  Bitfinex was perceived as a legitimate exchange, and where most serious traders kept their funds.

While many in the community are mocking this move, this may be the best choice for the exchange. Most of the criticism and speculation is that this was an inside job and/or that the exchange still does not know what the bug used in the theft was.  In any case, a dialogue resulting the recovery of the funds will result in a lot of very happy people.