GBM Global Holdings, the parent company of the Bitmart digital currency exchange, is petitioning a New York court for a restraining order preventing those responsible for the recent attacks on Bitcoin SV from transferring their fraudulently obtained coins from the wallets currently holding them.
The filings are heavily redacted, in large part to preserve what GBM calls trade secrets—things like deposit confirmation processes and the dollar-amount lost by the exchange in making affected customers whole. Because of this, the specifics of what GBM knows about the attacks and how they know are tough to piece together. For example, though the lawsuit provides what seems to be a lengthy list of defendants, the list itself is redacted. It can be deduced from the rest of the filing that the defendants are registered users of the Bitmart exchange and GBM believes that they are based in China; it is not clear how much identity information Bitmart has for each defendant.
The filing says that following the July attack on BSV which saw malicious double spending of ‘fake’ BSV tokens, hackers were able to defraud at least 43 Bitmart customers (and potentially those of other exchanges) by exchanging the fraudulent BSV for other assets on the platform. According to the filing, Bitmart discovered what the hackers were attempting to do on July 9, at which point it identified and froze 92 affected customer accounts. However, some amount of fraudulently obtained assets were successfully transferred to other exchanges, including Binance, Huobi and OKex.
GBM is primarily looking for a preliminary injunction against both the defendant hackers and the third-party exchanges which the stolen assets have been transferred to pending the outcome of arbitration. They are also seeking permission to serve the defendants via e-mail, something the defendants would have agreed to in Bitmart’s terms of service.
According to a letter sent to the court by the plaintiff’s attorney:
“[the proposed order’s] purpose is to inform the third-party exchanges of the Court’s restraint of Defendant’s assets, and not theirs. Indeed, it does not prohibit the third-parties from doing anything, but rather asks them for a freeze of Defendant’s assets to aid petitioner in preventing further dissipation by Defendants.”
A preliminary injunction like this requires the requesting party to show that the relief is necessary in order to avoid irreparable harm. The filing argues:
“Here, Defendants are foreign, impossible to identify hackers intent on fraud, there is almost no likelihood that they would pay a damage award. Short of receiving an injunction of already-identified, fraud-begotten cryptocurrency, there is no way for Petitioner to secure ultimate recovery.”
Bitmart has told the court they have reached out to all the exchanges which received the stolen assets, but given how time-sensitive the facts at issue are, an expeditious granting of the injunction is likely their best hope at recovering anything of the stolen coins.
In a statement to CoinGeek, Dr. Craig Wright, author of the original Bitcoin whitepaper, said: “There are many attacks against Bitcoin but the reality is that these are targeted at a false perception of how Bitcoin worked. The claims that Bitcoin operates outside the law limit the ability of attackers to get away with attacks and over time strengthen the system. Because many people still believe that Bitcoin acts in a distributed manner outside of the law, they don’t take into account the criminal activities remain actions of individuals and that Bitcoin as an evidence system enables the tracking and tracing of any crime allowing for all of this to be economically infeasible in the future.”
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.