Bitcoin security auditor Hacken may finally have the key to unraveling the person or group responsible for the recent 213 million XRP hack on the personal wallets of Ripple Co-Founder and Chair Chris Larsen.
The 213 million XRP Hacking Incident
On January 31, an orchestrated cyberattack drained a wallet linked to Ripple Labs. The funds were subsequently directed to several crypto exchanges to be laundered. The recipients were wallets hosted by Binance, Kraken, OKX, MEXC, Gate, HTX, and HitBTC, among others.
The incident fueled fears that the company itself may have been compromised. Others even went as far as to sound the alarm of a potential attack on the network.
To quell the FUD, Larsen immediately stepped up to clear up things. He said that the hacked tokens belonged to his personal wallet address and assured the crypto community that they had already alerted law enforcement authorities about the matter. Likewise, they have coordinated with crypto exchanges to freeze the involved wallet addresses.
After a Binance review of Larsen’s request, CEO Richard Teng confirmed the next day that they had frozen an account holding $4.2 million worth of stolen XRP.
Hacken’s Investigation
Hacken’s investigation of the event revealed a startling discovery about the suspected hacker or group responsible. Based on the report of its audit posted yesterday on X, there’s a high probability that it might have been an inside job.
Hacken claimed that the hacker had access to two wallets that Ripple authorized in the past. However, the security audit firm stated that it was too early to point fingers and didn’t provide any more specific details on the attacker. Reading between the lines, there’s a strong likelihood that it may have involved an employee of the company or someone close to the Chair.
“Driven by peculiar intricacies surrounding a recent XRP event, our team embarked on an in-depth inquiry,” Hacken tweeted. “The key outcome of our investigation: two wallets, that took a central stage in the incident, are connected to XRP’s authorized wallet.”
The breadcrumbs led to a wallet having a long connection with Ripple. The wallet in question with its first few characters starting in “rU1bPM4” once sent $64.6 million worth of XRP to Larsen. It also had a prior transaction of $37,500 with one of the intermediate wallets used to divert the stolen tokens. What’s more, “rU1bPM4” previously sent almost $2 million worth of crypto to a deposit address hosted by Kraken, and the latter is now holding some of the stolen XRP haul.
As of this writing, Hacken continues to untangle the web, which slowly exposes the identity of the cyberattacker or attackers.
Final Thoughts
The ongoing progress of Hacken’s probe exhibits the traceability of transactions within a public blockchain, which often works against bad players in the crypto sector. This is probably the reason why a lot of corrupt politicians shun cryptocurrencies but is also one of the factors that the government wants in its push for financial surveillance and control via Central Bank Digital Currencies (CBDCs).