IRA Financial Trust, which offers self-directed retirement accounts, has been targeted in a heist where hackers made off with $36 million in cryptocurrency.
In the a statement on February 8th, the Trust said that it discovered “suspicious activity that has affected a limited subset of our customers with accounts on the Gemini cryptocurrency exchange. Upon discovery, we immediately launched an investigation and contacted state and federal law enforcement.”
The same day, hackers stole $21 million in Bitcoin and $15 million in Ethereum from the accounts of IRA Financial Trust customers, the statement said. IRA allows its customers to purchase cryptocurrency through a partnership with the cryptocurrency exchange Gemini Trust Co.
Blockchain security researchers at Chainalysis said that they are tracking the stolen amount, and believe that the cryptocurrency is being laundered through a mixer service known as Tornado. Tornado has been used for schemes like this in the past.
IRA Financial spokesperson Maria Stagliano said the company’s investigation is primarily focused on security controls that IRA Financial claims weren’t offered or available from Gemini.
Gemini stated that they weren’t breached and that it was offering to assist IRA Financial Trust in its investigation.
“We are aware that IRA Financial experienced a security incident last week,” the company said, in a statement. “While IRA Financial’s accounts are serviced on the Gemini platform, Gemini does not manage the security of IRA Financial’s systems.”
Apparent IRA Financial users posting in forums on Reddit Inc. said they experienced their crypto accounts being emptied, with thieves directing stolen funds to a Roth IRA account with the name “Benjamin Choe.” The funds from the Choe account were subsequently sent to services that are often used to launder cryptocurrency. Some users said that cash stored in their accounts was also taken.
“I only had cash in my Gemini account, no coin, and it was all taken in multiple transfers to Choe at $10k per transfer,” one Reddit user wrote. “So in only 15 seconds they moved all my cash.”
Another user wrote, “All of my BTC and Ether have also been transferred out. I can confirm that they only transferred out whole units and left a small fraction of BTC and my cash.” The user added, “Transfers were made out to the Choe Roth in multiple 1 whole unit coin transactions.”
Protecting Your Cryptocurrency
Cryptocurrency and the blockchain stand to be a major driving factor in the technology of the future. However this popularity has attracted an element of cybercrime. There are several tools internet users should use to increase their online protection. One of these tools is SaferNet.
SaferNet is the perfect solution to the cybersecurity issues that individuals, families, and businesses face today. It not only connects every device using a secure, 24/7 always on, military grade VPN, but it also stops outside cyberthreats, malware and viruses as well. On SaferNet, all users are protected anywhere in the world, all the time, on any cellular or Wi-Fi network. In addition to SaferNet’s VPN and cyber protection, it also offers a range of employee or parental/family internet controls including internet filtering, monitoring, scheduling, and blocking access to websites or even entire website categories
Typically, a user would need 3 separate services for a VPN, Malware Protection, and Internet Controls; SaferNet offers all 3 features in one service. SaferNet truly is an endpoint security presence that can be implemented in minutes around the world, on phones, laptops, tablets, and computers at an economical price point that caters to all internet users. SaferNet guarantees a smooth setup and installation process that takes only minutes, and an easily accessible control hub for you to monitor all your employee’s or family members devices; including activity, time spent online, and threats blocked.