Today, when “every second project is stablecoin,” this type of cryptocurrency already occupies a separate niche within the global crypto space, having its own statistics and tracking tools, including the Stablecoin Index, the Stable Report, the Stablecoin Stats, and the Stablecoin Wars, some of which may become the “Coinmarketcap for the Stablecoins.”
In such a tense competitive space, everyone tends to oust the king exactly as with Bitcoin in the global crypto market. Despite all the scandals and suspicions, primacy still belongs to Tether (USDT) in the world of stablecoins.
And if usually all “suspicious activity” with Tether’s participation is vigorously debated, then one of the biggest speculations using Tether went almost unnoticed, receiving scant media coverage. No official statements from either Tether or Bitfinex have been obtained, either.
What Happened: Bitfinex Insider
A month ago, on the night of October 14 to 15, Pacific Standard Time, Tether fell by 7%, breaking the dollar parity, and Bitcoin (like the entire crypto market) soared by more than 10%. Bitcoin’s price on Bitfinex reached $7,788, while its average rate, according to Coinmarketcap, was only $6,965.
One of Bitfinex’s employees shared the details of the internal investigation. According to him, Bitfinex was not involved in this incident, and Bitcoin price manipulation was carried out with the help of a communicative network of trading bots, which carried out a massive sale of Tether. Bitfinex managed to establish a connection between the accounts and uncover the potential initiators of the attack by tracking the transactions with their wallets.
An independent analyst who prepared the report for Bitfinex believes that the attack involved a cryptocurrency project called IMMO, which the media often associate with the name of the Rothschild brothers (the project itself refutes these rumors).
Bitcoin’s price on Bitfinex was significantly higher than on other exchanges, due to the massive sales of Tether through this platform. At the time of the sharp rise of Bitcoin on Bitfinex, technical problems were observed due to a large number of orders. The analytics system reported on suspicious activity—the launch of trading bots. Coinspeaker, referring to its source, reports that trading bots were combined within a single system and managed centrally to a fraction of a second. Orders to buy Bitcoin were placed from hundreds of accounts, and the price was constantly increasing. The publication notes that today, it is the largest case of using such a scheme in the crypto market.
The exchange has full information about the order book, which is also stored in the history. By using this data, Bitfinex was able to separate ordinary users active on the exchange at the time of the pump from the bots.
All suspicious accounts were blocked until the clarification of details. Also, an anonymous interviewee noted that each such account contained approximately the same amount of Tether.
Then it turned out that the funds for dozens of similar addresses came from several whale addresses and then gradually poured into Bitfinex in order not to attract attention with large sums. The main suspect, one of the whales who turned out to be associated with IMMO, could be identified by deanonymizing his wallet.
If you believe in the involvement of the IMMO “reserve cryptocurrency,” then one of the alleged causes of the attack is to eliminate the competitor, or the most popular stablecoin of today.
But there is another theory that sets ulterior motives for the attack to the fore. In his article “Anatomy of the Tether Attack: Are Stablecoins Vulnerable?” Henry He, the founder of the SesameOpen smart contract protocol and security expert, examines the possibility of attacks on stablecoins (and their complexity) using the example of Tether. He notes that usually, the analysis of the stablecoins is based on normal market conditions without taking into account the sharply increasing volatility at the moment of the attack: “However, during an attack, the market movement is massive and sudden. Assuming these attacks are legal and highly profitable, just like Soros’ attack, they will come back again and again. Only the stablecoins that can survive these attacks can eventually become the ‘holy grail,’” writes He.
In the absence of detailed information, He drew a picture of the attack based on publicly available data from the Coinmarketcap. He explains that this is a classic speculative attack: a massive and sudden sale of cryptocurrencies in a relatively short period.
As can be seen in Figure 1, the attack was swift: it lasted only three hours. It took about 100 minutes to lower the price of Tether to the bottom mark of $0.925284. Then, about 65 minutes later, the rate rose to $0.973513 and began to stabilize. The volume of Tether transactions for these three hours amounted to $2 billion, which at the time corresponded to the average daily trading volume.
The attackers first opened large positions in Tether and large positions in Bitcoin or other cryptocurrencies. Then they suddenly sold Tether, which drove the price down to the bottom line, at the same time raising Bitcoin by about 10%. And in the end, they sold a large Bitcoin position to make a profit, and (possibly) bought Tether back at a lower price, thus reducing losses from the Tether dump.
“I believe the attackers leveraged the fact that Bitcoin and other crypto assets are perfectly negatively correlated with stablecoins,” says He.
As shown in Figure 2, the price of Bitcoin began to rise when the attack started, reached a peak when the rate of Tether dropped to the bottom mark and collapsed when the price of Tether recovered.
He notes that it is challenging to accurately assess how effective the attack was with such limited information, but it can be said with confidence that it was very profitable. The total capitalization of the crypto market has soared by 10%, or $20 billion, while Tether lost only $210 million in capitalization. “That difference represents a tremendous opportunity for profit-taking,” says He.
The expert notes that the resources necessary to carry out such an attack are enormous, but many players in the space have them.
If we assume that the total sales volume (shown in Figure 3) was the amount needed to break the Tether peg to the dollar and bring it down to $0.925284 in just 100 minutes, then the attack took more than $1 billion. But considering the possibility of trading with leverage and the fact that control of 10% of the market allows you to influence cryptocurrency prices, then $100 million will be enough to start the attack and put the market in motion, after which it will do all the work.
He believes that an attempt to resist the attack was definitely being made, but it failed. As can be seen in Figure 3, if we assume that the total purchase volume (Total Buy) was an attempt to protect Tether, then the defending party spent about $221 million—an impressive amount that few can accumulate in 100 minutes.
“Understanding the economic incentives for both attackers and defenders is critical to understand why attackers want to attack and how they attack, as well as whether defenders can actually defend the peg and whether they should even try,” notes He.
The ultimate motivation of the attackers on fiat currencies is profit. The same motivation is also relevant when attacking stablecoins. “Stablecoin projects should recognize that breaking the peg is not the ultimate goal for speculators in mounting an attack. It is only a means to cause the expected market movements during the short attack period and profit from them accordingly, even though the stablecoins can return to the pegged price after the attack,” says He.
Not Just Tether
Based on his own analysis of the attack on Tether, He reports “bad news for all stablecoin projects,” namely: a successful attack on such cryptocurrencies is quite easy to implement, and “no stablecoin project today can defend itself against a speculative attack.” “Whether people like Tether or not, it should get some credit for attempting to defend the peg against the recent speculative attack. It spent at least $200 million to do so. It probably needs $500 million more to succeed in future attempts,” He writes. He also notes that one of the key difficulties for the defending side lies in the rapid course of the attack: “Since these attacks happen during a concise period, there is no time to move money from the bank or issue bonds; therefore, the stabilization capital will need to be on hand, moving forward.”