Over 13 Million ALGO Now Suspected Stolen, Algorand Foundation CTO Responds To The Situation

ALGO Stolen
Photo by Antoni Shkraba

Over 13 Million ALGO Now Suspected Stolen Between 19-21th of February

Yesterday AlgoDaddy posted an article about over 3.5 million ALGO being confirmed stolen from several different Algorand community members. 

Today we can report that over 13 million ALGOs are suspected to have been stolen between the 19th to 21st of February, and over 12 accounts have been affected. It's unclear if the ALGO was stolen through an exploit or executed using phishing techniques.

Update: This article was updated on Wednesday evening with a response from the foundation's CTO, John Woods. We've also added information about the stolen funds provided by a ChangeNOW representative. Both can be found further down the article. 

Developer Collective Suspect 13.3 Million ALGO Being Stolen

Algorand-focused developer collective D13.co contacted AlgoDaddy during the afternoon. They had found several large suspicious transactions similar to those previously reported hacked, this became apparent after having dug deeper into the Algorand transactions of ineligible governors between the 19th and 21st of February.

Bit, the founder of D13 collective, commented on the matter: "It's a weird middle ground where it's too many [affected accounts] to be a coincidence and too few to be mass exploitation" he added that "something curious seems to have happened to those accounts". 

Most of the stolen ALGO has been transferred to the non-custodial crypto exchange known as ChangeNOW, which operates without extending KYC (personal identification) to all its users. Still, it should be noted that the ChangeNOW team has implemented several AML mechanisms designed to detect fraud and filter suspicious transactions.

Affected Algorand accounts
D13.co XLM of affected accounts and transactions

CryptoNOW Says Funds Are Safe

AlgoDaddy was in contact with a representative from ChangeNOW, who said that their risk-prevention system had halted suspicious transactions in ALGO and USDC on the Algorand blockchain worth $1.5 million, stopping the malicious actors from accessing the stolen funds any further. 

ChangeNOW expressed its willingness to cooperate with the authorities and the victims of the theft and they are ready to provide any assistance necessary to help bring the perpetrators to justice. 

Recommended Read:

FBI Has Been Informed, CTO Comments On The Issue

AlgoDaddy has been in contact with several of the affected users, one of which reported having put pressure on Algorand Inc., as well as the foundation, to get a response to the situation. The same user said that he had reported the stolen ALGO to the U.S. Federal Investigation Bureau, hoping that they would look into the matter. 

After the initial silence the foundation's chief technical officer, John Woods, commented on Twitter and reassured users that the theft was not due to any technical problems with the Algorand protocol itself. 

Woods also said that they're working with affected users on an individual basis to help them investigate what happened.

It's still unclear how this crypto heist exactly happened. At the moment the amount of stolen ALGO totals to over 13.3 million, i.e. almost 3.6 million USD. 

Article Author: Martin
Follow on Twitter: AlgoDaddy
Last updated: October, 2023