This is the third time that Bithumb has been hacked to steal millions in cryptocurrency.
Crypto industry is being hammered by cybercriminals with full frequency lately. There are reports of a new attack against South Korean bitcoin exchange called Bithumb due to which the exchange got hacked. The attack occurred on the morning of Saturday. This is the second time that Bithumb has become a victim of a hack attack within a year.
On Saturday, March 30, Bithumb, 4th Largest Bitcoin Exchange in South Korea, tweeted that they have disabled their cryptocurrency withdrawals as well as deposits for the time being. Furthermore, the exchange posted that they discovered abnormal withdrawals being made from their system at exactly 10:15 on 29th March. To secure the cryptocurrency, they have stored it in a cold wallet and blocked all the deposit and withdrawal services.
We deeply apologize to our members for delaying the cryptocurrency deposit and withdrawal service, we would like to inform you of the circumstances of the grounds and confirm that your assets are safe.
For more details >> https://t.co/dOvT78P0sK
— Bithumb (@BithumbOfficial) March 30, 2019
The exchange further noted that they believe it is an insiders’ job. During the attack, the company observed that its EOS hot wallets were sending EOS to an address that belonged to the hacker. The company immediately started transferring the funds to its cold storage wallet, which luckily wasn’t compromised.
However, the hacker(s) could manage to steal 3 million EOS (roughly $12.5 million) from Bithumb’s hot wallet. On the other hand, The Block Crypto news agency reports that around 20 million XRP (about $6.2 million) have been stolen from the hot wallet.
It was later revealed that the hackers stole $20 million worth of both EOS and XRP (Ripple) out of which 3 million EOS were stolen and 20 million XRP was in token form. The exchange claims that the funds stored in its hot wallet were the company’s and not of its customers, as their funds were stored in cold wallets.
Later in its blog post, the exchange wrote that it was only focusing on protecting the system from outside hackers and ignored the need to verify its staff members. However, the company promised its customers that this kind of incident will not happen again and they are already developing a brand new employee verification system. Yet, the fact that this is the second such incident involving Bithumb in less than a year, the company’s competence in securing its wallets is definitely questionable.
In the previous attack, Bithumb was able to recover $14 million of stolen funds and this time too, the exchange is hopeful that it will be able to recover the stolen funds.
“We will do our best to resume deposit and withdrawal as soon as possible to secure the service’s stability,” Bithumb noted in its blog post.
At the moment, investigations are underway in collaboration with the Korean Internet & Security Agency (KISA), the cyber police agency in South Korea, and mainstream cybersecurity firms in the country. When the flow of stolen funds was assessed by a Twitter user, it was identified that some of the funds have been distributed to other exchanges including EXMO (662,000 EOS), Ku Coin (96,000 EOS), Houbi (263,000 EOS), ChangeNow (140,000 EOS), and Changelly (192,000 EOS), etc., while some have been transferred to new addresses.
In a post, Changelly stated that it has frozen 243,000 XRP and 114,000 EOS, which most likely belong to Bithumb.
This, however, is not the first time when Bithumb has suffered a data breach. In July 2017, the exchange suffered a massive cyber attack in which hackers managed to steal billions of Won while personal details of over 30,000 users including their names, phone numbers, and email address were also stolen.
In July 2018, Bithumb suffered yet another breach in which 35 billion South Korean Won (around $31 million) were stolen.