South Korea’s largest crypto exchange, Bithumb, appears to have been hacked. They confirmed in a statement that they spotted an “abnormal withdrawal” through their abnormal-trading monitoring system at about 10:15 p.m.in Seoul on March 29. The exchange say that all the stolen cryptocurrency is owned by Bithumb, and all the users’ funds are under the protection of cold wallets.
Bithumb claims to have “secured all the cryptocurrency from the detection time with a cold wallet and checked them by blocking deposit and withdrawal service”. Their statement points out that they suspect the hack was carried out by an insider because there is no evidence of any external involvement.
Primitive Ventures’ Dovey Wan, who cites data from local blockchain analytics teams and cybersecurity firms, tweeted: “Bithumb is being hacked, at its EOS cold storage level. Over 3 million EOS has been transferred out”. She added that it had been confirmed by the security firm who audit Bitchumb. She said that up to $6 million worth of XRP has also been stolen.
The private key for the EOS account belonging to the exchange was stolen. The hacker transferred EOS from Bithumb’s EOS address to their own address, which shows a massive number of outgoing transactions to different exchanges.
The three million EOS was sent to exchanges such as EXMO, Huobi, Changelly, KuCoin, and CoinSwitch. According to Coinmarketcap, EOS is currently trading at $4,22 making the total lost a whopping $12 660 000.
Binance Has None Of The Hacked Funds
Bithumb is working with other exchanges in the hope of recovering some of the funds. Binance CEO, Changpeng Zhao tweeted: As far as we can monitor, none of the “allegedly hacked” EOS were sent to @binance. I think hackers don’t want to deal with our big-data risk management system anymore”.
The exchange have also notified relevant government agencies and are conducting an internal investigation.
The first Bithumb hack in June 2018 resulted in losses of approximately $31 million. Some of the funds were retrieved, but the hackers still made off with $17 million. The company has “deeply” apologised for this latest fiasco and promises to do their best to protect member’s assets. Their “best” might not be good enough.