The latest hack at South Korean cryptocurrency exchange Bithumb suggests that cryptocurrency exchanges may need to up their game when it comes to security.
Bithumb suspends services to deal with hack
Bithumb temporarily suspended deposit and withdrawal services after a $21 Million hack over the weekend. The attack was tracked by a Twitter analyst in real time. He shared that the hackers had tried to offload the funds on non-KYC exchanges. KYC, or Know-Your-Customer, exchanges can verify the identity of their customers and link it to a cryptocurrency wallet. Non-KYC exchanges, on the other hand, offer more privacy to their users.
In a statement released March 30th, Bithumb said it was working to restore services to customers following the hack. “Our members’ KRW deposit/withdrawal service is normally available, and we will do our best to secure the stability of the service and to resume as soon as possible. Specific resumption schedule will be announced through a separate announcement.”
The exchange reportedly lost 3 Million EOS and 20 Million XRP in its second hack this year. In fact, in June 2018, cyber criminals netted $31.5 Million from the exchange. In spite of that, approximately 45% of their haul was recovered less than two weeks later.
Bithumb suffers internal security breach
Bithumb’s statement following the cyber attack points to the incident being an internal security breach.
“As a result of the inspection, it is judged that the incident is an accident involving insiders because the external intrusion path has not been revealed until now. Based on the facts, we are conducting intensive investigations with KISA, Cyber Police Agency, and security companies,” Bithumb said.
In addition, a Tweet alleged that a second breach of security might have occurred before this hack. Dovey Wan, founding partner of Primitive Ventures, stated that the hackers may have obtained the private key for Bithumb’s EOS account at the time. This has not been verified.
However, Bithumb has confirmed that the cyber attack did not involve the exchange’s cold wallet. Indeed, the hot wallet alone was affected by the breach. The company added that the move to temporarily suspend deposit and withdrawal services “was a precautionary step following the detection of unusual cryptocurrency withdrawals from its cold wallet storage”.
The exchange also revealed that it was collaborating with other platforms to trace and recover the stolen funds.
Bithumb hack news met with disbelief
News of the hack was met with a certain amount of disbelief among industry leaders. Dovey Wan said on Twitter: “And this is the second time Bithumb saw a MAJOR hack, last time it’s hacked with a loss over $30m.. lol and after the first hack it was STILL able to get the fiat license from Korea and WTF??”
She also posted a screenshot of large amounts of EOS passing through ChangeNow’s transaction logs and added: “Hacker has been disposing stolen EOS via ChangeNow to downstream exchanges including Huobi, KuCoin, the distribution is still ongoing.”
The funds were allegedly moved to other platforms. That said, the companies did not release statements on the matter or confirm the allegations. According to Wan: “XRP hacked wallet address – rLaHMvsPnPbiNQSjAgY8Tf8953jxQo4vnu stolen 20,000,000 xrp (worth $6,000,00)”.
Bithumb has said that it anticipates recovering the stolen cryptos. The company added that in the future, it would be applying more rigorous security internally. They added that “We constantly monitor and block external hacking – however, it was our fault that we only focused on defense of outside attack and lack of verification of internal staff.”
The blockchain platform has moved remaining coins from the hot wallet into the exchange’s cold wallet. It reassured users via its Twitter feed that their funds were safe.
“We deeply apologize to our members for delaying the cryptocurrency deposit and withdrawal service, we would like to inform you of the circumstances of the grounds and confirm that your assets are safe,” the statement read.
Security warning from Hosho Group’s Hartej Sawhney
In January 2019, Hartej Sawhney, co-founder of security experts the Hosho Group, told CNBC that more than $2.5 Million in crypto is stolen from third-party exchanges daily. He urged third-party exchanges to up their security against hackers.
“Exchanges need to learn to value security – but they are not getting regular penetration testing from cybersecurity companies,” he told CNBC.
Sawhney claimed that as a result of incompetence, some cryptocurrency exchanges were considered low-hanging fruit by hackers. Certainly, these attackers have the technical skills to bypass weak security systems, including hot and cold wallets.