Korean Ministry Launches Probe Into Causes of Bithumb Crypto Exchange Hack

Published at: June 20, 2018

The South Korean Ministry of Science and Technology (MIC) has launched an investigation into the theft of $30 mln from the world’s sixth largest crypto exchange Bithumb, Yonhap News reports Wednesday, June 20.

Bithumb, which is the leading crypto exchange in South Korea, temporarily suspended all deposits and payments on the exchange as soon as it had detected the theft.

According to Yonhap, the Ministry has said that as soon as it reported the Bithumb hack, the Korea Internet & Security Agency (KISA) joined an urgent investigation into the case. The Ministry now plans to analyze the causes of the theft in cooperation with the police and other agencies.

MIC says it has been investigating the security levels of 21 crypto exchanges between January and March of this year, and has confirmed that most of them have security vulnerabilities.

These weaknesses include insufficient network isolation, an absence of monitoring systems for abnormal or suspicious activities, and inadequate cryptographic key and password security management. In 12 exchanges, the MIC found the complete absence of a security system.

In a separate incident earlier this month, hackers stole around $37 mln from another South Korean crypto exchange Coinrail, which ranked 99th largest globally by trade volumes at the time of the theft. According to Yonhap, the MIC has said that the improvement measures recommended to Coinrail have not been properly implemented during the investigation, and that it now plans to monitor Bithumb’s own response.

In addition, the MIC has said that as of the end of this month, it plans to closely follow those 21 exchanges it has been monitoring for security weaknesses, and ensure they improve their practices by September.

According to Cointelegraph’s personal correspondence with Korean resident officials from the Sentinel Protocol, Bithumb’s hot wallet was hacked on the night of June 19.

Prior to the hack, Bithumb had moved a large amount of Ethereum to cold wallet storage after noticing abnormal access on its servers, also announcing an abrupt server check June 16 “in order to maximize security settings.”

As Cointelegraph reported, the exchange has said it will compensate users affected by the hack:

“We checked that some of cryptocurrencies valued about $30,000,000 was stolen. Those stolen cryptocurrencies will be covered from Bithumb and all of assets are being transferring to cold wallet.”

Tags
Cryptocurrency Exchange
Hackers
South Korea
Crimes
Bitcoin Scams
Related Posts
World’s Sixth Largest Crypto Exchange Bithumb Hacked, Loses $30 Mln
Hackers have stolen cryptocurrencies worth $30 million from South Korea's leading virtual currency exchange Bithumb, Cointelegraph Japan reported June 19. As a result all deposits and payments have been temporarily suspended. *All deposit and withdrawal service will be stopped to make sure the security. We will keep notice you of the restart of the service. We apologize for your inconvenience and thanks for your understanding. — Bithumb (@BithumbOfficial) June 20, 2018 The exchange states it will compensate users affected by the hack, and that all assets are being moved to a cold wallet: “[Notice for the suspension of all deposit …
Bitcoin / June 20, 2018
South Korea’s Coinbin Files for Bankruptcy With $26 Mln Loss, Cites Employee Embezzlement
Coinbin, the South Korean cryptocurrency exchange that took over hacked exchange Youbit, has filed for bankruptcy owing users almost $30 million, correspondence from the company confirmed on Feb. 20. Coinbin, which acquired Youbit in 2017, is closing operations as the result of embezzlement from a senior executive, local media including English-language resource Business Korea subsequently reported. “We are preparing to file for bankruptcy due to a rise in debt following an employee’s embezzlement,” the publication quoted CEO Park Chan-kyu as saying. According to available information, the figure in charge of cryptocurrency management is at the center of the scandal, having …
Cryptocurrency Exchange / Feb. 25, 2019
Binance Helps UK Police to Stop $51 Million Phishing Fraud
Binance claims to have assisted British prosecutors in an investigation of an online fraud that resulted in over $51 million losses by victims. Criminal is now jailed On Sept. 26, Binance’s chief compliance officer Samuel Lim published a blog post saying that the exchange was working with the Cyber Crime Unit of the United Kingdom’s Metropolitan Police Service to investigate into Bulgarian phishing expert Svetoslav Donchev. As officially reported by the Crown Prosecution Service (CPS), Donchev, 37, was extradited to the U.K. from Bulgaria to face the online scamming fraud charges and pleaded guilty to five offences to receive a …
Cryptocurrency Exchange / Sept. 27, 2019
UpBit Exchange Phishing Email Scam Came From North Korea, Source Claims
Hackers from North Korea were behind a phishing scam targeting users of South Korean cryptocurrency exchange UpBit, Korean-language cryptocurrency news outlet CoinDesk Korea reported on May 29. According to findings by local cybersecurity firm East Security, the scam came in the form of an email sent to UpBit users requesting account information. The pretence was a fake giveaway, with the emails also containing a file called “Event Winner Personal Information Collection and Usage Agreement.hwp,” which would run malicious code when opened. UpBit had alerted traders a day before, warning anyone receiving an email from the address “[email protected]” to discard it. …
Cryptocurrency Exchange / May 31, 2019
South Korea: Four ‘Young’ Hackers Booked in Cryptojacking Case Targeting Over 6,000 PCs
Four “young” hackers have been arrested in a cryptojacking case involving over 6,000 computers in what is allegedly South Korea’s “first” known case of its kind, Korean English-language news outlet Aju Daily reports Nov. 8. Cryptojacking is the practice of using a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. Aju Daily cites a statement from the National Police Agency's cyber bureau that clarified that the four accused had not been detained, but would face a trial for allegedly infecting 6,038 PCs with malicious mining malware, which had been concealed in job application documents sent …
Cryptocurrencies / Nov. 8, 2018