After the dust settles, the Bitfinex hack will go down in history as the second worst attack on a bitcoin exchange to date, by USD amount stolen. This clearly evokes memories of the Mt Gox debacle, although somehow this attack seems to be even more disturbing in some aspects. The funds were apparently taken from segregated wallets, although the funds were apparently not stored in cold wallets. There is also speculation about the possibility of an inside job. But before pondering about these possibilities and engaging in speculation, here are the known facts about the attack:
Millions of dollars are stolen on a regular basis from a variety of financial institutions, in a variety of different denominations. Hackers have a plethora of tools and methods to steal from every kind of account, be it a fiat or a cryptocurrency account. The common denominator is always the same: the funds are kept online. Bitfinex and other cryptocurrency exchanges should always keep most of their funds in cold storage to prevent such a hack, but once the coins are stolen it is almost impossible to recover them.
Technically, the stolen funds could be followed through the blockchain, in order to recover them. However, traces of these funds could lead to various mixing services where the coins would be replaced by others that have not been put through Bitfinex accounts. This could lead investigators to wallets that had nothing to do with the attack itself.
It is also likely that the hacker or hackers have been aggressively sending various amounts of bitcoin to separate wallets all over the network, in order to sell them through various exchanges or services. In fact, blockchain.info shows a recent spike in transactions over the last few days. The increase in transactions could probably be partially attributed to the hackers moving the funds they stole. Now blockchain forensic experts will be trying to piece the puzzle together. They will be able to investigate transaction patterns and uncover the modus operandi of the hackers in order to deliver a set of lessons learned to other members of the Bitcoin community.
In the meantime the domino effect will continue to hit other cryptocurrencies. Users and investors all around are probably nervous and are trying to get their funds out of the markets fearing another attack. This is why the lessons learned from this attack are crucial for anyone who uses any kind of cryptocurncy, and also for all the financial institutions around. Hackers are out there looking for their next victim, and anyone who thinks that only cryptocurrency holders are at risk, should keep in mind that an overwhelming amount of fiat currency, is also kept as a piece of information on a data base.