Retool Identified as Third-party Vendor in Fortress’ $15 Million Crypto Theft
Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.
San Francisco-based software company Retool has been identified as the third-party platform through which $15 million in Fortress Trust funds were stolen.
Theft Fast-Tracks Fortress’ Acquisition
In a September 7 tweet, API-focused e-payment platform for Web3 companies Fortress announced that four of its customers’ accounts with a cloud tool platform were compromised. It was later disclosed that $15 million was lost in the process.
However, Fortress Technology refused to disclose the third-party vendor involved in the reported theft. After the platform hack, Fortress immediately terminated its integration with the cloud service provider’s platform and assured other investors that their funds were safe.
Last week, 4 Fortress customers were impacted by a third-party vendor whose cloud tools were compromised. Thankfully there is no breach within Fortress Technology or systems, impacted accounts were fully restored, and most importantly, of course, there is no loss of funds.
— Fortress IO (@Fortress_io) September 7, 2023
Recent revelations show that it might be San Francisco-based cloud service provider Retool. According to a blog post, Retool admitted it fell prey to a spear phishing attack on August 29, 2023. About 27 customers were impacted after their accounts were accessed illegally in that incident.
Although it didn’t name Fortress Technology in the post, Retool was tasked with creating a portal. This will enable the designated account of four Fortress customers to directly view their account balance using the cloud services platform.
This attack has served as a catalyst for Fortress to sell its business to the cross-border blockchain protocol, Ripple. The blockchain protocol reportedly paid the stolen $15 million as a down payment to make the affected customers whole.
This sum is expected to be removed once the final acquisition is concluded. For now, no particular price peg has been placed on the Nevada-based trust company.
Speaking on the latest development, Ripple blockchain’s spokesperson noted talks about the acquisition quickly accelerated after reports of the incident were confirmed.
BREAKING: Ripple buys ANOTHER company 🤯🚀
After buying Metaco for $250M, they now have acquired “Fortress Trust”
Why this is EXTREMELY bullish 👇🏼
“With this acquisition, Ripple’s growing portfolio of regulatory licenses expands, as Fortress Trust holds a Nevada Trust license.… pic.twitter.com/RDN3ROTAg5
— MASON VERSLUIS 🏆🔮 (@MasonVersluis) September 8, 2023
Ripple, who was already a minority holder in Fortress Technology, said the acquisition made sense for its strategic initiative of expanding crypto access across the globe.
On-Premise Accounts Were Secured
The crypto space has been the subject of several cyber attacks over the past two years. For instance, the Ronin network, a side-chain for the Axie Infinity non-fungible token (NFT) game, lost a reported $600 million. Several other attacks have been recorded, with crypto investors losing millions.
Retool noted that the impacted accounts were those of clients in the crypto space. This points to the lackluster security protocols most crypto-focused services often face.
However, the cloud services provider clarified that all accounts using its on-premise software remained unaffected. Retool’s on-premise accounts operate within a zero-trust framework, meaning its cloud tools cannot access the software. This is because it is stored using a multi-signatory wallet and is solely a self-contained environment.
Meanwhile, BitGo and Fireblocks were the custodial wallets Fortress Technology used in integrating with the Retool platform. However, both platforms were not impacted by the security breach.
Clearing the air on the event, BitGo CEO Mike Sheele stated unequivocally that the breach had nothing to do with the crypto wallet provider in a tweet.
I can’t express enough how upsetting this Fortress Trust episode is to me. I really don’t want to talk about it at all, because it actually has nothing to do with BitGo. But because Fortress was not forthcoming about what actually did happen, we are now indirectly affected -… https://t.co/jXZYGBt93B
— Mike Belshe (@mikebelshe) September 11, 2023
Meanwhile, brokerage firm Swan Bitcoin also testified that none of their crypto funds were stolen by hackers during the aforementioned security incident.
Swan client coins are in insured cold wallets at BitGo and did not move during the reported incident at Fortress. The coins are protected by video calls and physical access, and are not subject to any incidents at Fortress.
Swan set up this agreement with Fortress to use BitGo…
— Swan Bitcoin Adoption Team (@SwanBitcoin) September 11, 2023
According to the crypto brokerage company, all crypto assets are secured with video calls and physical access, ensuring only the authorized account owner can access the accounts.
The continued focus on crypto businesses shows the ecosystem is not yet mature enough to safeguard itself. Furthermore, the lack of regulatory clarity has made it easier for hackers to make away with stolen funds if a security breach is not quickly noticed.