Lightning in the form of a crypto exchange compromise continues to strike in the same place more than once. The latest victim is Bithumb, one of the largest crypto exchanges in South Korea, but this breach has a few more sinister overtones than previous ones in the industry, including the hack that targeted the Bithumb exchange in June of 2018. The peculiar twist this time round involves what the management at the exchange has described as an “accident involving insiders.” The loss is said to be $19 million.
The Bithumb compromise occurred less than a week after the DragonEx exchange in Singapore reported that an undisclosed amount of major crypto tokens had gone missing. Industry security experts expressed disbelief that, after so many breaches of “hot wallet” accounts, the executives at major exchanges, especially those in South Korea and Asia, have not stepped up security protocols within their operating entities.
The news with Bithumb is that someone, possibly a disgruntled employee that was angered by the firm’s recent announcement of a 50% cutback in staff, had stolen internal private keys to the exchange’s “hot wallet” account. Roughly $12.5 million in EOS tokens and $6.2 million in XRP tokens are missing. Executives claim that only the firm’s accounts were compromised. Individual customer accounts, they claim, were not impacted, although deposit and withdrawal processes have been suspended until internal issues are resolved.
According to company officials: “We will do our best to resume deposit and withdrawal as soon as possible to secure the service’s stability.”
Cyber security professionals are appalled that any crypto exchange would act so cavalierly as to allow tens of millions of dollars of crypto tokens to reside in a hot wallet. And if the funds had to be there, why were there no additional security precautions that would have prevented a single employee from compromising the entire set of fraud prevention protocols in place?
In June of last year, Bithumb had been the target of professional hackers, when $30 million in cryptocurrencies were stolen, but at that time, the exchange had acted quickly to notify other exchanges and authorities of the problem. As a result, the exchange was able to recover $14 million, and executives feel that this time, they will have a better recovery rate than before. Bithumb is working closely with the Korean Internet & Security Agency (KISA), the local cyber police agency, and other experts in the industry that deal daily with cyber attacks such as this breach.
Amazingly enough, the exchange froze accounts and is claiming that 63% of the stolen loot still resides in the hacker’s address with the exchange. Outsiders have already researched the blockchain and reported that a good portion of the stolen EOS funds has been distributed to a number of other exchanges: EXMO has received 662,000 EOS tokens, followed by Huobi (263,000 EOS), Changelly (192,000 EOS), ChangeNOW (140,000 EOS), KuCoin (96,000 EOS) and others.
After the lesson of the Canadian crypto exchange, QuadrigaCX, hit the news, the need to protect private keys for both hot and cold wallet systems should have rocked industry executives out of their apparent security stupor and resulted in enhanced security procedures across all crypto exchanges. Compromises such as the ones that have already occurred in 2019 have been extremely harmful for the reputation of the industry and only embolden regulatory officials to seek more drastic measures to protect investors and force compliance standards more to their liking.
In the case of Bithumb, however, current investigations are still ongoing. More facts will come to light before this case is closed. Hopefully, recovery measures have improved to such a degree that the hacker will be thwarted in his attempt to abscond with any of his ill-gotten loot.