Tether Froze $300K of Stablecoin Hacked After Victims Left Wallet Keys in Evernote

gepubliceerd op by Coindesk | gepubliceerd op

Vermeld in dit artikel
The funds, co-owned by Shixuan Cai and business partner Lin Jian Chen, were later frozen by operator Tether Ltd. after Cai reported the theft to the Los Angeles Police Department in April, court documents filed on Thursday show.

Cai then transferred those funds to a personal wallet co-owned and managed with Chen.Just four minutes after Cai had transferred the tether from Binance to the personal wallet, the funds were transferred again, but without the business pair's permission, to a wallet address ending in 8869.Hours later the funds were split with two thirds of the funds going to yet another wallet address ending in 44c2, while 100,301 USDT remained in the 8869 wallet.

Cai contacted Chen the following day attempting to uncover how the funds had been moved, learning Chen had recorded their private key, used for authorizing transfers from their wallet, in an Evernote account.

Hackers masking their IP address through a virtual private network found the wallet key in Evernote and conducted multiple intrusions between Jan. 26 and Feb. 5, Chen later learned.

The key was used to authorize the transaction from their personal wallet to the destination wallet ending in 8869.

Cai reported the theft two months later on April 9 to both Tether Ltd. and the LAPD where the funds were temporarily frozen by Tether pending an investigation.

Kamil told Leighton the funds originally belonging to Cai and Chen were transferred to him by an unidentified business partner who in turn had received the funds from an undisclosed person in China.

At that time, Tether Ltd. unfroze the stablecoin funds at the behest of the USSS before the warrant was executed and the funds transferred to a wallet controlled by the U.S. government.

"Tether routinely assists law enforcement agents and seeks to further their legitimate objectives," Tether CTO Paolo Ardoino told CoinDesk.

The case is a reminder never to leave any wallet keys or recovery phrases stored online where they may be accessed by bad actors.

x