Instead of a decrease in hacking incidence, somehow cryptocurrency exchanges are observing an increase in such cases. On March 30, crypto exchange Bithumb announced a temporary suspension of its services, citing abnormal withdrawals as a reason behind it.
Taking to its official Twitter account, Bithumb announced that they are pausing cryptocurrency withdrawals and deposits temporarily. Check out the tweet below:
[Notice?]
We deeply apologize to our members for delaying the cryptocurrency deposit and withdrawal service, we would like to inform you of the circumstances of the grounds and confirm that your assets are safe.
For more details >> https://t.co/dOvT78P0sK— Bithumb (@BithumbOfficial) March 30, 2019
The link attached in the tweet further elaborates the exchange’s reason behind the same. As per the post, at 10:15 (time zone unknown) on the 29th, Bithumb detected what they describe as abnormal withdrawals through their monitoring system.
The exchange further notes that they have “secured all the cryptocurrency from the detection time with a cold wallet and checked them by blocking deposit and withdrawal service.” As per the translated note, the incident was an “accident involving insiders.”
Bithumb informs in an updated blog post, that it was their fault that the exchange was focused on protection from outside attacks and did not verify its staff. The announcement promises that the incident won’t repeat itself, since the company is developing its workforce verification system.
Yesterday, EOS were transferred to the attacker’s address from the exchange’s EOS hot wallet. As the company realized the ongoing attack, it started to move the funds to the cold storage wallet, which purportedly wasn’t compromised.
Reportedly, more than 3 million EOS (about $12.5 million) have been transferred from the hot wallet. However, the exchange claims that all the stolen EOS were those of the exchange and that the users’ funds are in the cold wallet. A cryptocurrency news outlet, The Block Crypto claims that around 20 million Ripple (XRP) (equivalent to about $6.2 million) have also been stolen.
This incidence marks the second hack that the exchange encountered in under a year. During the investigation of the last hack, Bithumb managed to recover $14 million of the stolen funds and asserted that the rest of the losses is expected to recover as well in time. Currently, Bithumb claims to be conducting intensive investigations with the aid of the cyber police agency, the Korean internet & Security Agency (KISA) and cybersecurity companies. Lastly, the company notes:
“We will do our best to resume deposit and withdrawal as soon as possible to secure the service’s stability.”
As per an analysis of the flow of the stolen funds shared by a Twitter user, a portion of the funds is already being distributed to exchanges and another potion is siphoned to other addresses. The exchange that received the most funds (662,000 EOS) is EXMO, followed by Houbi(263,000 EOS), Changelly (192,000 EOS), ChangeNOW (140,000 EOS), KuCoin (96,000 EOS) and others.
In a post today, Changelly claims that the instant exchange has been able to identify and freeze 243,000 XRP ($76,000) and 114,000 EOS ($479,000) believed to proceed from the Bithumb hack. The XRP has been sent to Changelly in eight different transactions, while the EOS was sent in 52, and the associated wallet addresses have been blacklisted.
A Twitter user further suggests that this hack could be in relation to BitHumb’s recent layoffs. Just last week, it was reported that B itHumb is currently cutting up to 50 percent of its workforce.
