Crypto Exchange Bithumb Reportedly Hacked

[Pegasus]

Today, March 30, crypto exchange Bithumb posted on Twitter that their cryptocurrency withdrawals and deposits have temporarily been paused.

In an explanation linked to the tweet, the exchange writes that at 10:15 (time zone unknown) on the 29th, they detected what they describe as abnormal withdrawals through their monitoring system.

The exchange continues that they have “secured all the cryptocurrency from the detection time with a cold wallet and checked them by blocking deposit and withdrawal service.”

According to the translated note, the incident was an “accident involving insiders” and they are conducting investigations with security companies, the cyber police agency, and KISA.

A tweet from crypto user Dovey Wan wrote that more than 3 million EOS (around $12.5 million) has been transferred at Bithumb’s cold storage level, but this is unconfirmed.

In June 2018, Bithumb had suffered a hack of around $30 million in cryptocurrencies. In the investigation after the hack, the exchange recovered $14 million of the stolen funds.

Cointelegraph will update this story as it continues.

Source

[Obiwankenodium]

Not so smart to keep any coins on the bithump exchange since they already have been hacked before, there clearly is something wrong with their security.

[Pegasus]

It would appear the cryptocurrency exchange industry is far from drama-free at this time. Although there are numerous companies operating without problems, the same cannot be said for Bithumb. Once South Korea’s largest exchange, it has now become a seemingly prone target for hackers and criminals. The company confirmed a new heist which will spark some very juice mainstream media headlines.

Bithumb Faces Even More Crypto Losses

This entire incident involving the Bithumb exchange will undoubtedly raise a lot of questions. This particular exchange has been subjected to at least one previous incident not that long ago. While one would expect such major companies to learn from their mistakes, it seems a completely new problem has popped up in the process. According to the company’s official explanation, there has been an incident which is labeled as an “accident”.

To put this ordeal in its proper perspective, the company has delayed cryptocurrency deposits and withdrawals earlier this week. The reason for doing so remained unclear at the time, although new information has come forward ever since. It appears the company took this rather harsh course of action because of abnormal withdrawals being detected. Its in-house monitoring system immediately flagged some odd behavior by users, which is why these artificial delays were introduced.

After carefully investigating the matter, the Bithumb team ensured all funds from the cold wallet were safe. It turns out this was not an actual hacking attempt, but more of an internal problem caused by the exchange’s own staffers. Referred to by the company as “insiders’, it seems the problem can be considered to be an inside job. What that would mean exactly, remains a bit of a mystery at this time. The KISA and Cyber Police Agency are helping the exchange to look into this string of unusual incidents at this time.

As one would come to expect, the company has also confirmed some funds has been lost in the process. How much funds have been stolen, is a bit unclear, as conflicting figures are circulating on the internet right now. Recovering the funds will be difficult, if not entirely impossible at this stage. It seems unlikely this theft of funds will cause problems for Bithumb customers, which is a silver lining many people will be rather pleased with. It is also expected the deposits and withdrawals will be resumed shortly as well.

On Reddit, this particular incident is getting a lot of attention, albeit not necessarily for the right reasons. A lot of people expect this “inside job” to be something else entirely, although there is no evidence to back up such claims at this time. There is also plenty of speculation as to how much money is missing and which currencies might be affected by this incident. Until further notice by Bithumb themselves, those discussions are mere speculation and not based on actual facts.

Given how this is not the first incident involving the Bithumb exchange, one has to wonder how this will affect the company’s position moving forward. South Korea is still an important region in terms of cryptocurrency usage, although incidents like these have become very common in that part of the world lately. For Bitcoin and altcoins, this news is problematic as well, although it seems unlikely any major markets will be affected.

Source: https://nulltx.com/bithumb-blames-new-crypto-theft-on-insiders/

[Pegasus]

Bithumb, the largest bitcoin exchange in South Korea alongside Upbit, has been hacked for around $20 million. The company said that user funds stored in crypto cold storage wallets were not hacked, but corporate funds were moved.

BITHUMB HACK LIKELY AN INSIDE JOB

Cold storage wallets refer to offline wallets that are not connected to the internet that major exchanges utilize to eliminate the vulnerability of user funds in potential security breaches.

In a surprising turn of events, Bithumb disclosed that it believes the hack was an inside job and funds might have been moved by individuals associated with the company.

The Bithumb hack comes in about a year since Coincheck, the biggest exchange in Japan, was hacked and less than nine months since Bithumb was last hacked in 2018.

[youtube]hYrzF-O0YNE[/youtube]

NEW THREAT TO CRYPTO AND BITCOIN EXCHANGES

In its official statement, Bithumb said that the company is conducting intensive investigations with cyber authorities in South Korea, acknowledging the incident as an inside job.

“As a result of the internal inspection, it is judged that the incident is an ‘accident involving insiders.’ Based on the facts, we are conducting intensive investigations with KISA, Cyber Police Agency and security companies. At the same time, we are working with major exchanges and foundations and expect to recover the loss of the cryptocurrency equivalent,” the statement read.

Bithumb said that the exchange has increasingly focused on preventing external attacks and hacking attacks in the past year, which is evident in the exchange ratings released by the Korea Internet & Security Agency (KISA) in August 2018.

Previously, KISA investigated all bitcoin exchanges in South Korea to find potential vulnerabilities and poor security measures on the country’s crypto asset trading platforms.

The agency found most exchanges to have weak security systems in place but cleared Bithumb, Upbit, Korbit, Coinnest, Coinlink, Coinone, Coinplug, and Huobi for having robust security and internal management systems.

“There still exists many cryptocurrency exchanges with subpar security systems and as such, investors are cautioned in investing through unrecognized platforms. The government will continue to monitor and evaluate cryptocurrency exchanges to improve the standard of security employed by trading platforms,” Kim Jeong-sam, the information protection officer at KISA, said at the time.

As explained by Bithumb, the company failed to consider the possibility of insiders including employees and contractors breaching into the system of the exchange to steal millions of funds held by the company.

CRYPTO STORAGE PRACTICES LIMITED THE DAMAGE

Bithumb’s use of crypto cold storage wallets likely mitigated the potential damage. | Source: Shutterstock

One positive takeaway from the incident is that Bithumb stored most of the user funds in cold wallets that cannot be accessed by hackers and the damage was limited as a result.

More importantly, stolen funds were reportedly sent to other exchanges, which can be recovered if frozen immediately.

But, it remains uncertain how a company could prevent similar incidents from occurring in the future and prevent insiders from engaging in malicious activities.

The company said:

“Bithumb exchange is certified ISMS and applied to multi-signature withdrawal scheme. We constantly monitor and block external hacking. However, it was our fault that we only focused on defense of outside attack and lack of verification of internal staff.”

The exchange said that it would essentially overhaul its internal workforce verification system and restrict the authority employees and contractors have over the internal management system used by the firm.

HOW SHOULD BITCOIN EXCHANGES PROTECT THEMSELVES?

The recent hacking attack suffered by Bithumb is not as serious as previous security breaches because user funds were not lost in the process and the system of the exchange was not exploited.

But, it raises a new threat in the bitcoin exchange ecosystem, and in the near-term, major cryptocurrency trading platforms will have to find solutions to prevent similar incidents from arising.

Source

[Pegasus]

Bithumb, the famous cryptocurrency exchange noticed a hack on March 29, 2019. Due to the hack experience, the South Korean based cryptocurrency exchange Bithumb is now requesting the users to stop making cryptocurrency deposits. The main objective for issuing the official notice is to verify the assets of the members via external organization. The information was recently published by the cryptocurrency exchange through a blog post.

Do not make cryptocurrency deposits in Bithumb
The cryptocurrency exchange mentioned that all the cryptocurrencies that were retrieved in unusual conditions are owned by the company and the assets of the users are fully secured in cold storage wallet.

A founding partner of Primitive, Dovey Wan, a few days ago said that the cryptocurrency exchange Bithumb was hacked and made the company lose more than 3 million EOS. Bithumb has lost some of XRP tokens during the hack.

Dovey Wan, posted on the social media site Twitter,

https://twitter.com/BithumbOfficial/status/1113010982345834496

Later the cryptocurrency exchange described that the company is planning to carry due diligence review on all the assets which the company holds by using reliable external audit. The process of due diligence review will be conducted along with an accounting firm which will offer the distinct information of all the assets which are maintained by the firm.

Additionally, the company will be working over the investigation of the hack incidence in association with the local law enforcement organizations.

Bithumb noted in a blog post –

“Due to this reason, we ask you to stop making deposits until there is a separate announcement. Please note that the deposits will not be processed until the deposit service is resumed.”

Further, the blog post stated-

“However, the deposit and withdrawal services for the newly listed cryptocurrency that are not related to the accident will proceed separately.”

Bithumb will further provide the information related to the financial investigation that will be carried out. The company has promised that they will reveal the result and the progress of the financial investigation in a fully transparent manner.

A New Zealand-based cryptocurrency exchange; Cryptopia was recently hacked in 2019. Cryptopia is currently working with the law enforcement authorities and giving all the necessary information to users of the investigation and about the proceedings.  There are various firms who will be following the case of Bithumb. Bithumb is one of the most significant cryptocurrency exchange in the market.

Bithumb has officially posted about the notice on Twitter stating that they request you to stop making deposits of cryptocurrency in Bithumb, so that the team can verify the assets of the members through the external organization.

Source

[Pegasus]

Bithumb, which was hacked last month and later asked users to be careful about deposits, has reported a $180 million (205 billion Korean won) loss. The exchange suffers from reduced actual volume and a bear market in cryptocurrencies, according to the Korea Times.

ADD IT TO THE LIST OF BITHUMB PROBLEMS

Bithumb has had a rough year. Just nine months before last month’s hack, about twice as much went missing. A report came out later in the year which found the company probably reports fake volume metrics. At this point, longtime users may be considering other exchanges with a stronger security track record. The exchange laid off dozens of employees in January, during the worst of the bear market, which some believe is now over.

Bithumb, one of South Korea’s largest crypto exchanges, has been hacked again. | Source: Shutterstock

How much does the price of cryptocurrencies affect exchanges? Fees are collected when trades happen. Trades happen around the clock regardless of the cost. One can argue that if the exchange collects its fee in one of the traded currencies, then a reduced price in that currency’s valuation can certainly affect profitability. One might also expect exchanges to plan for the worst, hope for the best.

There is some speculation that the exchange’s financial troubles compounded its losses in the form of last month’s attack. Results of the investigation are still pending, but we do know that only the exchange’s funds were stolen, rather than funds belonging to users. This alone indicates an inside job.

DECENTRALIZED EXCHANGES: WHEN?

Ongoing drama with exchanges like Bithumb, Cryptopia, and QuadrigaCX has provided endless fodder for arguments in favor of decentralized exchanges. Non-custodial solutions are popping up everywhere. CCN recently reported on a company called Algorand, whose product will be a decentralized exchange. The company has yet to announce plans for a token sale, but another exchange, Bgogo, has decided to offer IOU trading in advance.

Non-custodial solutions present their own challenges. In general, a user must be more educated. Such exchanges might be more difficult to insure – if the company lacks full control of the funds being traded, it might be more open to legal interference. The first and largest decentralized token exchange on the Ethereum blockchain, Etherdelta, was hit with regulation by the US federal government last year. The action resulted in a settlement and an agreement on the part of the exchange’s founder.

Bithumb told the Korea Times that things have actually been looking up recently.

“In terms of sales, we saw a 17 percent increase, and we continue to increase overseas investments.”

Decentralized versions are one existential threat to the dominance of traditional exchanges, but ultimately users prefer convenience, volume, and ability to conduct high-frequency trades. The transaction fees on a blockchain like Ethereum or Bitcoin will at times be much higher than the cost of trading on a centralized exchange. For traders who conduct thousands of trades per day, these fees would be prohibitive, to say the least, which ultimately sustains the market for the old exchange model.

Source

[JenaTran189]

There is quite a bit of bad information about bithumb security. Hope everyone will pay more attention