On June 19, Bithumb, South Korea’s number one crypto exchange, . The attackers stole cryptocurrencies worth $30 million, making it one of the largest heists of the year so far. While the exchange has already promised to compensate its users, the damage has been done: yet again, it has become evident that even the biggest players cannot guarantee total safety.
Indeed, the crypto world hasn’t been the same since . Still, it comes down to how these attacks are handled in the aftermath: while some go MIA or , others choose to step-by-step, steadily making amends with the community. Here’s how the largest hacks of 2018 so far have happened, and what their consequences have been.
Bithumb: “No damage” to the customers
When: June 2018
Hacker’s prize: $30 million worth of cryptocurrencies
Outcome: Drop in rating
On June 19, Bithumb, South Korea’s biggest crypto exchange, . Over 35 billion won (about $30 million) worth of cryptocurrencies was stolen. At the time of the attack, Bithumb was ranked as the sixth largest exchange by trade volumes globally but has since dropped .
According to , the hackers hijacked Bithumb’s hot wallet. Coincidentally, the exchange started moving “all of asset[s]” to a cold wallet in order to upgrade its security system on June 16, days prior to the attack.
Once Bithumb’s team realized their service was being hacked, it halted all deposit and withdrawal services. made on June 21, the crypto exchange confirmed its intention of reimbursing the users affected of the theft. Moreover, Bithumb stated that their wallet system was undergoing “a total change” in order to prevent further attacks and claimed that there will be “no damage” to its customers as a consequence of the theft, emphasizing its strict separation of customer and company assets.
According to , the country’s Ministry of Science and Technology has launched an investigation into the hack. Reportedly, the Korea Internet & Security Agency (KISA) also got involved in order to figure out how exactly the attack occurred, working closely with local police and other agencies. Allegedly, authorities have also sent officers to Bithumb’s offices in Seoul to collect data and records from the company’s computers.
The hijack occurred just weeks after Bithumb by the South Korean government, which found no evidence of wrongdoing at Bithumb after a three-month investigation, but ordered the exchange to pay 30 billion won (approximately $28 million) in taxes.
Bithumb has been hacked before. In July 2017, the personal data of 30,000 customers due to an employee’s computer becoming compromised, while some users reported losses as well.
Coinrail: Danger of FUD
When: June 2018
Hacker’s prize: 40 billion won (approximately $37.2 million)
Outcome: Mainstream media overreaction
When South Korean exchange Coinrail was hacked, the mainstream media reacted in full force. , , and all linked the cyber attack with the price drop of bitcoin and altcoins — bitcoin lost around 11 percent of its value at the time — albeit recognizing that Coinrail was a rather small operation, being the 99th largest crypto exchange at the time. Moreover, none of those articles mentioned another possible explanation of the price drop, such as in the crypto market, which was happening at the same time. That, of course, .
It was that Coinrail lost around 40 billion won ($37.2 million) worth of cryptocurrency, including 21 billion won worth of Pundi X and 14.9 billion won worth of Aston coins. As local news outlet points out, Coinrail removed parts about reimbursement from its terms of service a week prior to the attack. However, the exchange reportedly explained the removal by saying that it was working with the government to revise the terms of the contract.
According to the exchange’s , 70 percent of its assets have been transferred to cold storage, and “about 80 percent” of the stolen coins have been frozen or withdrawn in some way, as the exchange is under “system maintenance.” Coinrail plans to reopen around July 15.
Verge: Ignorance is bliss
When: April-May
Hacker’s prize: 35 million XVG (about $1.7 million)
Outcome: Damaged reputation
Privacy-focused cryptocurrency Verge (XVG) — thrice, considering that its Twitter account , as well — in the past few months.
In the beginning of April, reports about Verge being hacked started to emerge. Apparently, the attackers exploited a bug that allowed the manipulation of block mining timestamps. Using the code’s flaw, they had the ability to create illegitimate coins out of nowhere, stealing 250,000 XVG as a result. Verge called the incident “” and claimed that funds were only exploitable for three hours. On Bitcointalk.org, a member of the Verge team “we're kinda glad this happened and that it wasn't as bad as it could have been.” In response, the message board user OCMiner noticed that developers apparently ‘resolved’ it by accidentally launching a hard fork. XVG lost about 25 percent of its value in reaction to the news.
On May 21, Verge was hacked again, as its team tweeted that their mining pools were under a DDoS attack. This time, 35 million XVG (about $1.7 million) was stolen over a period of a few hours, and XVG went down by a little over 14 percent.
OCMiner, who called attention to the first security breach, pointed out Verge’s vulnerability on the message board again, that “since nothing really was done about the previous attacks (only a band-aid), the attackers now simply use two algos to fork the chain for their own use and are gaining millions.” XVG’s price is at $0.026131 as of press time, its lowest for the past three months, according to .
Coincheck: Compliance and transparency
When: January
Hacker’s prize: 532 million NEM coins
Outcome: Coincheck survived the hack and the FSA pressure, was bought
In January, the Tokyo-based exchange Coincheck . Coincheck had to freeze all operations after it lost 523 million NEM coins — worth approximately $534 million at the time — on January 26. The coins were lifted through several unauthorized transactions from a hot wallet (according to Coincheck representatives, the hackers managed to steal the private key for it) where NEM coins were being stored, enabling them to drain the funds. Later in the day, NEM Foundation president Lon Wong "the biggest theft in the history of the world." Indeed, the Coincheck hack was larger than that of Mt. Gox by about $50 million in terms of stolen funds.
Soon after the security breach occurred, Coincheck . There, the Coinbase team explained that NEM coins were indeed being held on a simple hot wallet rather than a much more secure multisig wallet, as the security setup differs between various coins on the exchange. They stressed that other cryptocurrencies on the platform were stored in multisig wallets and confirmed that the stolen funds belonged to customers. The Coincheck team also .
In March, a local news outlet — the Nikkei Asian Review — that malware emails were sent to several members of Coincheck staff weeks before the attack, which might have opened the employee email system to allow the hackers to steal the private key.
In the aftermath of the attack, 10 crypto traders over Coincheck’s freezing of crypto withdrawals. 132 more crypto investors , seeking around 228 million yen (around $2 million) in damages. Nevertheless, Coincheck made good on its promise, as in mid-March the exchange platform and allowed the withdrawal and sale of certain cryptocurrencies.
During the process of handling the aftermath, Coincheck had shown full compliance with the FSA, Japanese regulatory body that oversees the crypto industry in the country. Soon after the cyberattack, the FSA conducted on-site inspections of 15 exchanges and to seven of these exchanges, including Coincheck. After the inspection, the exchange opted to from its list.
In April, the traditional Japanese financial services provider Monex Group 100 percent of shares of Coincheck Inc, for 3.6 billion yen ($33.5 million). The new owner soon . So, overall, Coincheck seems to have rebounded after the massive hit.
BitGrail: Let’s play the blame game (and get sued)
When: February
Hacker’s prize: 17 million XRB tokens
Outcome: Firms wallets seized through court
On February 8, Italian cryptocurrency exchange BitGrail that $195 million worth of customers’ cryptocurrency in Nano (XRB, formerly known as Raiblocks) was stolen in what could be perhaps the shadiest hack on this list, as the blame is still being shifted between BitGrail founder Francesco Firano and the Nano development team.
Essentially, a day after BitGrail was ‘hacked,’ and 17 million XRB tokens were drained from the exchange’s wallets, Nano developers made an official comment showing that BitGrail’s owner and operator Francesco “The Bomber” Firano .
“[…] Firano informed us of missing funds from BitGrail’s wallet. An option suggested by Firano was to modify the ledger in order to cover his losses — which is not possible, nor is it a direction we would ever pursue,” Nano in a Medium post.
The Nano team then that some of the withdrawals Firano claimed were the result of a hack had occurred as early as October of 2017. Firano denied those findings, which are contestable because Nano does not record transaction dates directly to its blockchain. At one point, he that transactions were somehow removed and restored in a later date, which is technically unattainable due to the nature of blockchain.
, Firano also stated that it would be “impossible to refund the stolen amount” and argued that the timestamp technology of Nano and that the block explorer of the cryptocurrency is not reliable. The Nano blockchain network , providing every block or transaction missing before January 19 with timestamps. This suggested that all transactions were, in fact, recorded accurately.
Nevertheless, BitGrail users still haven’t received a definitive answer as to what precisely lead to the incident, and they . On April 5, a class action lawsuit was filed in the U.S. on . The Nano team supported them, stating that they would even of those who sought to battle BitGrail in court.
In March, after legal pressure was applied, BitGrail plans to refund their users, but only if those users stopped trying to sue the exchange. In a , BitGrail said that, “the use of the platform for the victims of the theft will be bound by the signature of a settlement agreement. The latter will be characterized by an expressed renouncement from the users to every type of legal action, and will have to be formalized through the compilation of a form.”
Thus, Bitgrail intended to pay back its users by creating a token, Bitgrail Shares (BGS). The customers who were affected by the heist were refunded 20 percent of their lost amount in XRB, with the remaining 80 percent supposed to be covered by BGS. Nonetheless, BitGrail once again claimed that they are not taking the responsibility for the hack, continuing to point fingers at Nano and its .
On June 15, the BitGrail case , as the BTC stored in the firm’s wallets were confiscated by Italian law authorities. The funds were removed following a court order by the Tribunal of Florence on June 5, but did not mention the current value of the seized assets. The court order was triggered by a petition filed by the victims of the BitGrail hack.
Smaller hacks: MyEtherWallet, BlackWallet and Binance
In January, led to hackers stealing $400,000 worth of Stellar Lumen (XLM) coins from wallets of Blackwallet.co. The attackers took over the service’s hosting server and changed settings to send the coins to their address.
Similarly, over $150,000 worth of ETH in the DNS attack on crypto wallet MyEtherWallet (MEW) in April. The attack recalled the allegations of a DNS hack levelled at MEW in January by the developers of altcoin Ethereum Blue, radically denied at the time by MEW team, who called it “a stupid lie.”
On March 7, the users of Binance, the world’s largest crypto exchange by trading volume, by a hack of third-party software. That resulted in unauthorized transactions being made from their accounts. However, as CEO of Binance Changpeng Zhao soon declared, all users’ funds were safe, and the exchange returned to operating normally. On March 11, Binance it was offering $250,000 in Binance Coin (BNB) for the first person to supply the information that would result in the legal arrest of the attacker.
Published at Wed, 27 Jun 2018 14:10:00 +0000
