Tether claims to have been extorted with forged documents, suspected to be the trigger for the cryptocurrency market crash on February 22

This article is an original piece by Chain Catcher, authored by Gu Yu.

Early this morning, Tether's official Twitter announced that it had been targeted by a forged document extortion, with the sender claiming that unless they received 500 BTC by tomorrow, they would leak documents related to Tether and Deltec Bank & Trust to the public in order to "disrupt the Bitcoin ecosystem." Tether also stated that it would not pay the ransom and had reported the forged communications and related ransom demands to law enforcement.

Chain Catcher’s investigation found that the severity of the extortion incident faced by Tether may have been seriously underestimated by the market. Given the timing of the leaked documents, this could very likely be a significant reason for the sharp decline in the crypto market since February 22. Following Tether's clarification announcement this morning, the crypto market also experienced a substantial rebound.
According to public information, Deltec Bank has been Tether's banking partner since 2018, supporting Tether's USD reserves, and has repeatedly expressed support for the company, stating, "Every USDT is backed by reserves, and their reserves are even greater than the circulating amount. We can see this for ourselves, so I can confirm this." Deltec Bank CEO Gregory Pepin stated in a podcast earlier this year.
However, due to the lack of public audit reports, the adequacy of Tether's reserves has long been questioned by the crypto community. In mid-January of this year, an article titled "The Bit Short: Inside Crypto's Doomsday Machine" mentioned that all foreign exchange held by Deltec Bank only increased by $600 million from January to September 2020, while Tether issued an additional $5.4 billion in USDT during the same period, suggesting that its reserves were far from sufficient, implying that a large portion of USDT was not backed by USD.
Around 10 AM Beijing time on February 22, a Twitter account named @LeaksTether began to release a large number of tweets, while a Medium blog called "DeltecExposed" pointed out that Deltec Bank, a shadow offshore bank supported by iFinex (Tether and Bitfinex), had suffered a serious security breach, with a private database containing their commercial infrastructure and clients, which could lead to the collapse of the entire Bitcoin ecosystem, and was seeking journalists to publish articles.
Hours later, the @deltecleaks Twitter account was frozen, but some tweets were saved to archiving sites and sparked widespread discussion on Twitter, Reddit, and other communities, while the crypto market experienced its largest drop in weeks. According to archived materials, @deltecleaks posted a large number of email screenshots, company names, and their balances on Twitter, but much of the information was incomplete.

Notable crypto analyst David Gerard pointed out in his analysis that some of the names on these lists belonged to lesser-known individuals related to Tether/Bitfinex, including several relatives of Van Der Velde (Tether's CEO).
Most of the informative content came from email screenshots, one of which showed that Tether's former compliance manager, Julian Arriagada, stated in an email sent to lroosevelt@deltecbank.com that Tether was attempting to use cryptocurrencies and equity in crypto companies as reserve assets, "We are building an asset base outside of USD, where cryptocurrencies and equity in crypto companies are the main focus. Although we believe in the value of these assets, regulators and the traditional financial system they represent do not. Before we win the battle of ideas, we need to find a way to present a graphic that illustrates the value of our assets, but in a language that traditional financial operators can accept."
In another email, Julian discussed allowing exchanges to "ignore the peg and raise prices."

Aside from the aforementioned information, no further significant details have been released. David Gerard also mentioned that he received an anonymous email on February 14, stating that the attachment contained some information regarding Tether's banking relationship with Deltec Bank, but he missed the email at the time, causing the link to expire.
This indicates that the leak of documents has been planned for a long time and likely circulated among a small number of industry insiders' inboxes before the market crash on the 22nd, but currently, no other sources have reported specific document information.
At present, the authenticity of the materials released by @LeaksTether has not been verified by any channels, but several Twitter KOLs have also expressed support for Tether. The Block's research director Larry Cermak stated in a Twitter reply to a user, "As long as Tether's vulnerabilities are shown, everyone automatically assumes they are legitimate, even without knowing where they come from, which is truly sad."
As Tether has reported this matter to law enforcement and the deadline for the ransom demand approaches, more detailed information about this incident may be publicly disclosed.