South Korean crypto-coin exchange, Bithumb, has been robbed again. The company claims on its website that: “BTC Korea co protects your esteemed assets, backed by trade data anti-forgery, high-protective SMS verification, high-adaptive data encryption, year-round round-the-clock server security control system, and even more.” Yet, for the second time in a year the company has lost a large amount of currency.
On the bithumb café, the company posted the following statement: “Bithumb urgently ask our valuable customers not to deposit any fund into Bithumb wallet addresses for the time being.
“We noticed that between last night and today early morning, around 35,000,000,000 KRW worth cryptocurrencies have been stolen. However, this loss will be compensated by Bithumb’s own reservoir, and all assets of our customers are securely saved in Bithumb’s cold wallet, hence all asset is completely safe and secured.
“However, the Enhancement Due to the AS-well Implementing the AS undergoing Safety Check on deposit / withdrawal Services, cryptocurrency deposit / withdrawal and withdrawal GBP Service will be haltedfor The until and Time The Services are being thoroughly reviewed.
“Further announcement will be made in due course.
“We sincerely apologise for the inconvenience.
“Our priority is to secure our customers asset at all time, and we will continue our best to better serve our customers.”
[The above copied, including the formatting, from the Bithumb statement].
As well as the statement on bithumb café, the company also put out a number of tweets However, at least one of those tweets has since been deleted which is odd.
How much was stolen?
The amount of currency stolen was 35bn won (£23.9 million, US$31.6 million). What is not known is which crypto-currency the coins were in. An article on CoinDesk Korea says that the currency lost was Ripple (XRP). However, there are also comments from several Korean publications saying that XRP was not the only currency impacted. The impact on all currencies, not just XRP has been negligible. While there was an initial drop on most, they are all trading up on where they were on June 16.
It would be easy to see this as the market being resilient to cryptocurrency theft. However, that is a naïve view. The speed with which Bithumb acted to stop all trading and guarantee funds from its own reserves has to be factored in here.
What is interesting here is that there were signs that the exchange was under attack for several days. Multiple attacks on key servers had already led Bithumb to move coins to a cold wallet. This move appears to have been timely and prevented a larger and more serious loss.
What does this mean
It is not just the volatility of cryptocurrencies that make this a risky past-time. The constant string of successful attacks against exchanges shows no sign of abating. Importantly here, Bithumb moved to refund all losses. In the past, exchanges have struggled to refund even part of the funds they have lost.
This attack also revealed that Bithumb is spending, 10 billion won (£6.85 million, US$9 million) per year, on security. It is also in compliance with the latest regulations imposed on cryptocurrency exchanges in South Korea. The question is whether those regulations will be tightened once again and how that will affect smaller exchanges.
What is not known is who the attackers were. When Bithumb was last attacked, the blame was put at the door of North Korea. Despite the recent thaw in relations between North and South Korea, there is no evidence that state sponsored North Korean hackers have called a truce in their activities. This leads to the conclusion that North Korea is once again involved.
Last week Coinrail was hit for around $40 million in multiple cryptocurrencies. Since the attack, Coinrail has been offline with its webpage saying that it is undergoing maintenance.
Enterprises looking to buy cryptocurrencies to offset malware and ransomware attacks should beware. They not only risk paying hackers but also losing money through problems with the exchanges.