Crypto exchanges: hacks and bankruptcy in 2018

4 Months ago / Articles

 

With the growing popularity of cryptomarket, there grows the potential threat to the market players. In particular, experts note the frequent cases of hackers’ attacks to cryptocurrency trading platforms: according to The Wall Street Journal, since the beginning of 2018, there had been stolen by fraudsters more than $ 800 million from five crypto exchanges, which is higher than for any other year. Why do scammers choose exactly crypto exchanges and what are the consequences of these attacks?

 

Chronology of hacks in 2018

In total, since 2011, hackers have carried out 56 attacks on crypto exchanges, ICO and other platforms dealing with digital currencies. This is stated in the analysis of the Autonomous Research financial consulting firm, according to which the crypto market members suffered losses of more than $ 1.6 billion during this period. In this case, in the first seven months of 2018, hackers managed to hack five trading platforms and stole more than $ 800 million.

 

January

January 26, 2018 Coincheck, one of the largest cryptocurrency exchanges in Japan, underwent the most ambitious attack on the cryptomarket. As a result of hacking, the hackers stole 500 million NEM tokens worth $ 532 million, which was the biggest robbery in the history of cryptocurrency, even in comparison with the hack of MtGox cryptoexchange in 2014, when there was stolen $ 480 million.

The reason for the attack was the vulnerability in the Coincheck operation, namely, the user's crypto currency was stored in hot purses, where assets are always available online. Also, the exchange didn’t use the mechanism of multiple signatures, which could have protected the exchange’s client funds. In an interview with Bloomberg, now former head of Coincheck Koichiro Wada, he also noted:

  • "Now we realize that the number of employees who worked on the internal audits, management and risk assessment was inadequate. We aimed to boost, but our efforts eventually led to this situation."

Nevertheless, on January 28, the representatives of Coincheck stated the company’s readiness to compensate the loss of users. And in April, the Coincheck cryptoexchange came under the control of the Monex Group company, which bought the trading platform for 3.6 billion yen, or $ 34 million. Also, under the terms of the transaction all the representatives of Coincheck management, including Koichiro Wada, had to leave their posts.

 

February

On February the 8th, it became known about the hacking of the Italian BitGrail crypto exchange, during which there were stolen17 million Nano tokens valued at more than $ 170 million. It is noteworthy that two weeks earlier the crypto exchange already suspended the input and output of the Nano, causing users suspicions.

According to the official statement of the exchange, the internal audit showed that the hacking occurred as a result of numerous "unauthorized transactions" with Nano. Exchange’s CEO, Francesco «The Bomber» Firano, informed about some bug in Nano protocol that, in his opinion, was the cause of hacking. In response, Nano team accused the exchange in spreading false information, noting that there were significant vulnerabilities in the trading platform security code. Moreover, the problems with the withdrawal of funds had been known before the hacking, when some user found out that when placing two orders you could get a double token balance on your wallet. In this connection, there appeared opinion that the hacking was the performed by the management of the platform whom users accused of fraud, negligence and theft of funds. This was confirmed by a team of Nano developers, who wrote in their blog the following:

  • "We have every reason to believe that Firano misled Nano Core team and the community regarding the solvency of the BitGrail exchange for a significant period of time."

In early May, the exchange declared itself bankrupt, and on May 24, the court of Florence delivered a decision according to which the market had to be shut down, and remaining at its disposal assets should’ve been transferred to the external management.

 

June

On June 10, the management of the seventh largest South Korean currency exchange Coinrail reported a break-in, as a result of which $ 40 million was stolen. According to the exchange, the hackers’ target was the tokens of ERC20 standard, in particular, NPXS tokens of the Pundi X project, ATC of the Aston project and NPER tokens of the eponymous project. Also, as estimated by Pundi X team, the hackers stole 1927 ethers and 831 million DENT tokens, as well as $ 1.1 million of TRX tokens. 

As in the case with Coincheck, the tokens were stolen from the user accounts whose funds were stored at the exchange. As a result, Coinrail management decided to move the cryptocurrency assets to cool wallets during the investigation of the theft. 

Herewith, the local edition of Chosun published some information on suspicious transactions carried out by the exchange as a result of which some of the banks suspected it of money laundering: 

  • "In February 2018, several banks working with Coinrail discovered suspicious transactions, presumably aimed at money laundering. In April, some banks without explanation stopped all cooperation with the exchange."

After a week and a half it became known about an attack on another well-known South Korean trading platform - Bithumb. On June 20, the third largest crypto exchange in the world has confirmed the information about hacking that had taken place the day before. Platform’s representatives reported that the hackers had managed to steal 35 billion KRW, which was approximately $ 31 million. At the same time, the representatives did not specify exactly which cryptocurrencies had been stolen:

bithumb.png

According to CoinDesk Korea, a few days before the attack, the company checked the security system on its servers, since there had been fixed frequent cases of unauthorized access attempts. At the same time, the users’ funds were transferred to the cold wallets. At the moment, the Korea Internet Security Agency (KISA) is carrying out an inspection to identify what caused the hack. 

The good news was the fact that only 9 days after hacking the site managed to return about $ 14 million thanks to the cooperation with other trading platforms. As the company stated, the remaining lost users’ funds would be reimbursed.

 

July

The last attack took place on July 9 and was committed on a decentralized Swiss crypto exchange, Bancor, which allows users to trade via the smart contracts, while most other cryptocurrency marketplaces offer peer trading. It became known about the hacking through the official Twitter of Bancor:

bancor.png

 

In a more detailed statement there was noted that the attackers managed to steal more than 24,000 ethers which are approximately worth of $ 12 million, NPXS tokens worth $ 1 million, and BNT tokens worth $ 10 million. In total, the crypto exchange suffered a loss of more than $ 23 million.

In this case, it was made possible to freeze the stolen BNT within Bancor protocol due to the implemented function, aimed at combating such cases of thefts and break-ins. Nevertheless, other cryptocurrencies and tokens remain in the hands of the fraudsters, despite the fact that the Bancor management is actively working with other platforms to track the movement of stolen assets and prevent their elimination. Crypto exchange’s representatives said they would continue to provide information on the investigation through the Telegram channel and Twitter.

 

Summary

According to experts, the reason for the increasing number of hacker attacks on crypto exchange platforms can be considered too rapid development of this sector. As a result, the existing security systems can’t keep up the pace of their growth, indicating a significant vulnerability in their work and the need to make changes in the response system of even leading cryptocurrency trading platforms on the market.