Cryptocurrency exchange hacking has become an increasingly disturbing issue, as industry watchers have observed that even big exchanges are not spared. In the past few weeks there have been several hacks, prompting a call for a review of the mode of operation of these exchanges.
The most recent security breach involves the South Korean exchange Bithumb, which lost a substantial volume of EOS coins from its wallet in a hack suspected to be an “insider” job.
Bithumb, a South Korean cryptocurrency exchange, lost roughly $20 million in EOS coins. According to the report, around 3.07 million EOS was withdrawn from the company’s internet-connected EOS “single key” hot wallet.
A look at Bithumb’s Twitter page shows an alert posted by a user who noticed that the exchange was being hacked. The theft was detected by the monitoring team, which noticed the huge withdrawals from Bithumb’s own wallet.
This has raised questions about the practices of the company, since it is a known fact that hot wallets are inappropriate for the very large volumes of coins held by exchanges.
As of the time of reporting, transactions on the exchange, such as deposits and withdrawals, have been suspended, according to a Bithumb statement:
“All the [stolen] cryptocurrency is owned by the company, and all members’ assets are under the protection of a cold wallet.”
A Previous Hack
This is the second attack on the exchange, following one nearly a year ago in which it lost $30 million worth of coins, including 2,016 BTC, 2,219 Ether and a few other cryptocurrencies. Although the company later claimed to have recovered nearly half ($14 million) of last year’s losses, it is not clear what is outstanding.
The management released a statement showing that its emphasis had been on preventing external breaches:
“As a result of the internal inspection, it is judged that the incident is an ‘accident involving insiders.’ Based on the facts, we are conducting intensive investigations with KISA, Cyber Police Agency and security companies. At the same time, we are working with major exchanges and foundations and expect to recover the loss of the cryptocurrency equivalent,” the statement read.
The situation at the exchange is one of uncertainty, as the management has claimed that it was a clear “insider job” and that the police have been invited to investigate the theft.
Disregard for Security Protocol
The news shows that the exchange disregarded the standard security protocol that should guide institutions entrusted with substantial digital assets, which should have been secured with multi-sig wallets and cold storage.
The incidents of hacks on crypto exchanges are a direct consequence of the human inclination to cut corners, doing the little one can get away with rather than the maximum expected.
Following the hack reported just a few hours ago, Bithumb reportedly moved its remaining assets offline to cold wallet storage to prevent further loss of assets until optimum security measures have been put in place.
Meanwhile, the company is in talks with government agencies and other exchanges in its quest to recover some of the stolen assets.