The F Society ransomware group has listed 4 additional new victims on its leak site. The group’s alleged victims include: Bitfinex, Coinmoma, Rutgers University, and SBC Global Net.
Bitfinex is a prominent crypto-exchange platform while Coinmoma offers cryptocurrency-related coin, chart and event data. Rutgers University is a public land-grant university operating four campuses in the state of New Jersey. It is one of the oldest operating universities in the United States.
SBC Global Net was an email service provided by SBC Communications, which was later acquired by AT&T.
F Society Ransomware Group Shared Alleged Samples
While the attack remains unconfirmed, the ransomware group shared unique descriptions for each victim along with links of sample data obtained from the attacks. The description for each attack included a mention of the total file size of the stolen information and the type of data obtained in the attack.
Each victim was given 7 days to pay a ransom or threatened with leak of the obtained data. No ransom amount was publicly mentioned.
The following claim was made about each victim:
- Bitfinex: The post description stated that the group had stolen 2.5 TB of information and the personal details of 400K users.
- Rutgers University: The group claimed to have stolen 1 TB of data, while not stating what form of information it had acquired.
- Coinmoma: The group claimed to have obtained sensitive data including user information and transaction histories. The file was stated to be 2TB in size and consisting of 210k user records.
- SBC Global Net: The group claimed to have obtained unauthorized access to the victim’s system and that they had obtained sensitive data such as personal details of users. The file size was stated at 1 TB in size.
No official responses have been made yet and the claims remain unconfirmed. The Cyber Express Team has reached out to Rutgers University for details about the alleged data breach, however at the time of writing no response was received.
Bitfinex’s CTO Paolo Ardoino, later appeared to refute the claims made by the threat actor. An investigation found discrepancies in the leaked data as only about 5,000 of them matched Bitfinex user accounts out of 22,500 present.
The CTO stated that the exchange doesn’t store passwords and 2FA keys in plaintext, adding that if the leaked emails were from the database, they would expect a 100% match.
BitFinex Was Previously Hacked
While F Society ransomware group’s claims against BitFinex have been refuted, BiFinex had previously fallen victim to a major hacking incident in the past.
In the earlier 2016 incident, about 119,754 in bitcoin was stolen from the Bitfinex platform after a hacker breached its systems and initiated about 2,000 unauthorized transactions. The stolen bitcoin was sent to a man, who along with his wife, attempted to launder the money across digital accounts.
Law enforcement managed to track the couple after 6 years, and managed to recover more than 94,000 bitcoin that had been stolen from Bitfinex. The total value of the recovered bitcoin was stated at over $3.6 billion at the time of arrest, making it the single largest recovery in the history of the US Department of Justice.
However, the perpetrator of the hack is still unknown but is known to have used a data destruction tool to cover their trail. A former FBI agent was quoted as stating that Bitfinex’s earlier security lapse was likely due to its desire to accelerate transactions and thereby raise profits.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.
