Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don’t)

Share

Coindesk | Wolfie Zhao | June 20, 2018

On Wednesday, roughly 35 billion Korean won (around $31 million) in cryptocurrency was stolen by hackers from the South Korea-based exchange Bithumb.

Although the breach may not be as severe as the $530 million hack of the Coincheck exchange earlier this year, the fact that Bithumb now ranks as the sixth biggest trading venue in the world still marks it as a notable, and worrying, incident.

While more details about the heist have surfaced in the hours following the event's confirmation, providing a glimpse into Bithumb's internal operations, some important questions about the hack still remain unanswered.

Here's what we know about the hack so far, and some details we still don't.

What we know

XRP compromised

While Bithumb has not yet disclosed full details of the stolen coins, news emerged following the hack that XRP, the native token of the XRP ledger and the world's third-largest cryptocurrency, has been targeted, according to a report from CoinDesk Korea.

Based on data from CoinMarketCap, Bithumb accounted for 10 percent of the global trading volume of XRP over the last 24 hours, with a total of $32 million-worth changing hands.

Bithumb has so far not responded to CoinDesk's request for comment.

IT improvement failed

While Bithumb officially confirmed the breach early Wednesday morning local time, it appears that security issues were already drawing attention from the exchange at least several days ago.

According to a follow-up report from CoinDesk Korea, Bithumb conducted a security enhancement checkup on June 16, just days before the confirmed hack.

The exchange explained at the time:

"Recently, the number of unauthorized access attempts has increased. As such, an urgent server checkup was conducted to strengthen the security of all system."

At the same time, Bithumb also started moving users' assets to a cold wallet to store cryptocurrencies in a more secure offline environment.

The CoinDesk Korea report indicated that the hack comes at a time when Bithumb is spending 10 billion won, or around $9 million dollars annually on security measures. Another report from Yonhap further suggests that Bithumb beefed up its security measures by implementing so-called "5.5.7 regulations" last month.

Under this requirement, at least 5 percent of a financial institution's staff should be IT specialists. Among those, 5 percent should focus on information security, while at least 7 percent of the firm's total budget should be on information security.

See:  The growing cost of cybersecurity

The report from Yonhap stated that 21 percent of Bithumb's employees are technology specialists as of May, and 10 percent of those are responsible for information security. Further, about eight percent of the annual spending budget is used for data protection activities.

Although Bithumb appears to have fulfilled the 5.5.7 requirements, the report said the fact that it has 300 employees means it may not be able to cope with the increasing amount of trading volume and user numbers on its platform.

Government weighs in

An hour before Bithumb confirmed the hack on its website and official Twitter account, the exchange reported the case to the Korea Internet & Security Agency (KISA), a government organization that supervises internet and cybersecurity issues in the country.

An official from KISA said a dedicated analysis team is currently in the process of investigation the hack. As of press time, the agency has not yet disclosed any details from its investigation so far.

Bithumb to refund users

Immediately after announcing the hack, Bithumb confirmed it will pay back victims using its own reserves.

Industry experts later weighed in, including bitcoin pioneer Charlie Shrem, who praised the move despite the unwelcome incident.

"Bithumb hacked for $30 million but covering all losses. Out industry is getting better and stronger," he tweeted.

In addition, litecoin creator Charlie Lee also commented that he believes the smart move is to "keep on exchange coins that you are actively trading. It's best to withdraw right after trading."

This is not the first time that Bithumb was reportedly hacked. As previously reported by CoinDesk, the platform was compromised last year with as many as 30,000 users impacted.

At that time, Bithumb later announced that it would repay each victim with 100,000 Korean won each, an amount worth about $85.

Bitcoin price dips by $200 

According to data from CoinDesk, the price of bitcoin dropped by nearly $200 to a daily low so far of $6,561 an hour after Bithumb initially published the statement. As of press time, the price had bounced back to $6,640.

In addition, as Bithumb has so far only suspended asset deposits and withdrawals, trading activity on the exchange actually appears to be increasing since the news broke. Based on data from CoinMarketCap, 24-hour trading volume was initially seen at around $350 million at the time of the news and later climbed to $380 million around noon local time on Wednesday.

Check out:  Prices Aside, Crypto’s Tech Stack Is Steadily Improving

As of press time, Bithumb still remains the sixth largest platform globally.

What we don't know

Extent of the breach

It appears that XRP is one of the assets stolen in the hack, yet it's still unclear at the moment if other assets have been taken and in what quantities. In addition, it's also not clear the number of users on Bithumb that have been impacted.

In its announcement, Bithumb refrained disclosing these details, adding that it may disclose the hacked tokens today. It has not made any statement on that at press time.

Further, it's not publicly known at this time which wallet addresses the hacked cryptocurrencies have been sent to, or whether any have been liquidated or not.

Currently, there are over 37 cryptocurrency assets on Bithumb that are available for trading against the Korean won. Among them, EOS and TRON together account for over half of the total trading volume on Bithumb, at 31 and 22 percent, respectively.

Continue to the full article --> here

 

 

Globe and Mail | Sean Silcoff | Dec 18, 2018 Dragons' Den star Michele Romanow and her partner Andrew D’Souza have secured another US$50-million to grow their latest startup, Clearbanc, just weeks after announcing they had raised US$70-million to bankroll the financing provider for e-commerce firms. Now, they are looking to secure hundreds of millions of dollars more to meet a surge in demand from online sellers looking for cheap alternatives to finance their growth. “We see this as a pretty exciting next step,” said Ms. Romanow, president and co-founder of Clear Finance Technology Corp., which operates as Clearbanc. “I don’t think we expected this to come this quickly.” Clearbanc fronts e-commerce entrepreneurs with money to pay for their online advertising in exchange for a small percentage of revenues that spending generates, until they repay the amount in full, plus a 6-per-cent premium. Customers do not have to provide personal guarantees, give up equity or submit to credit checks. Instead, they provide Clearbanc with access to business data from their online payment processors, their online advertising accounts and bank accounts. Clearbanc’s software then crunches the data and assesses their unit economics in minutes, spitting out an automated financing offer based ...
Read More
Dragons' Den star’s startup secures another US$50-million in financing
Million Mile Secrets | August 21, 2018 When most people think of buying tickets for a flight, or making other travel-related purchases, they might reach into their wallet for their credit card. But did you know you might be able to pay with a form of digital cryptocurrency, like Bitcoin? Bitcoin is a type of digital cryptocurrency that serves the same function as traditional currency, like US dollars. The main difference is that Bitcoin is not tied to any central bank, and is not regulated by a government body, thus offering a degree of anonymity to users. The process for paying with Bitcoin is very similar to paying with a credit or debit card. If you’re purchasing online, you’ll simply select Bitcoin as your method of payment. You’ll then be redirected to a site like Coinbase, where you’ll follow the instructions to complete payment. We’ll go through which travel sites accept Bitcoin, best practices when dealing with cryptocurrency, and some pros and cons of using digital currency to help you decide if it’s the right method of payment for you! Where Can You Use Bitcoin for Travel Purchases? Although Bitcoin has not yet gone back to its 2017 levels (at ...
Read More
Can You Use Bitcoin to Pay for Travel?
Coindesk | Santiago Siri | Dec 18, 2018 As governance becomes more and more prevalent in discussions around consensus protocols, it is clear that Satoshi Nakamoto’s original vision of “one-CPU-one-vote” shaped the entire crypto industry into thinking governance centered around machines, not people. But if artificial intelligence (AI) is indeed a threat to humanity as Elon Musk and Sam Altman frequently warn, why are we risking giving AI the political power of distributed networks? Guaranteeing a fundamental right to privacy bent early blockchain design toward anonymity. While that approach helps fight financial corruption (political corruption is exploiting the internet in ways that can also be fought back with decentralized computation), the menace of AI is less abstract than it seems. The fact that social algorithms thrive on memes helps explain today’s political reality. See:  Lifehacks for When a Robot Wants Your Job However, AI is leading us to even deeper questions and challenges. The most salient fact from contemporaneous politics is the growing shadow of doubt cast over the democratic process in the U.S.: did foreign influence win the most expensive election on the planet? Since the Peace of Westphalia in the 17th Century, nation-states have been a political construction ...
Read More
Humans on the Blockchain: Why Crypto Is the Best Defense Against AI Overlords
CNBC | Kate Rooney | Dec 17, 2018 Robinhood's attempt to launch a disruptive, first-of-its-kind product offers some lessons for fintech companies trying to break the mold in a highly regulated industry. The start-up announced it would launch checking and savings accounts with an eye-popping, industry leading interest rate. Just a day later, they said they were re-naming and re-launching after regulators and Wall Street sounded the alarm. Robinhood did not contact a key industry watchdog ahead of its launch, a move that wasn’t legally required but could have saved them from "an epic fail" and “getting egg on their face,” according to UBS analyst Brennan Hawken. “Next time they’ll aim before they shoot,” SIPC president Stephen Harbeck said. On Thursday, the popular stock-trading start-up rolled out what executives said was the biggest announcement in the company's history: Checking and savings products with a 3 percent interest rate, and zero fees. But just a day later, the start-up un-winded its ambitious plan. There were a number of questions about the product — but mostly on the regulatory side. The accounts being offered by Robinhood were insured by the Securities Investor Protection Corporation, or SIPC. Those protections are a far cry ...
Read More
What fintech can learn from Robinhood's 'epic fail' of launching checking accounts
Forbes | Gerald Fenech | Dec 12, 2018 The crypto space, though promising in a myriad of different ways still has many obstacles to overcome. Bad actors are slowly being weeded out but at an excruciating pace. Ideally, the crypto space would have so much competition, innovation and use cases that the best ideas and best innovators would naturally stand tall. Though 2018 has been a trying year for everyone in the space, 2019 is looking positive as many promising projects are rearing to go. These neophytes, though not experienced are seeking to close the gaps within the crypto space that have lingered since the beginning, namely; security, accountability and transparency and above all, practical implications for the technology. Countries like Gibraltar, Malta, and Switzerland seeking to build legislative frameworks for these new businesses to operate and thrive in, and give them a home. However, it is a difficult balance; on the one hand to regulate, securitize and make everything compliant, whilst also not stifling budding, inherent innovation. Although everyone recognizes that DLT has huge potential, the time has now come for the space to mature, become regulated and for things be done right. Now is the time to forget the ...
Read More
The Security Token Field - The Next Step After the ICO Annihilation?
Bloomberg | Julie Verhage and Jennifer Surane | Dec 10, 2018 In 2018, a number of financial technology startups came into their own. Free trading platform Robinhood Markets Inc., for example, added new services and billions to its valuation. And Stripe Inc. was valued by investors at a price higher than the market caps of 249 of the companies on the S&P 500 Index. But the industry is also maturing and consolidating, and larger industry players, hoping not to be left behind by the new era of digital finance, are stepping up their hunt for acquisitions. What should we be on the lookout for in 2019? According to the fintech pros surveyed by Bloomberg—more deals, swirling IPO rumors and a continued steady stream of checks from venture capitalists. Here’s a wrap from industry experts. (Quotes have been lightly edited for clarity and length.) See:  OSC Seeks Applications for Fintech Advisory Committee IPOs looming Up to this point, financial technology startups have been hesitant to enter the public markets. And who can blame them? Most fintech companies that have gone public in recent years have seen their share prices tumble, and ample venture capital funding has buffered balance sheets. Still, a major IPO ...
Read More
Experts predict the five big fintech trends of 2019
Coinsquare release | Dec 6, 2018 The acquisition was closed for $12 million CAD and brings the leading cryptocurrency wallet on the Stellar platform into the Coinsquare ecosystem TORONTO, Dec. 6, 2018 /CNW/ - Today Coinsquare, Canada's premier cryptocurrency trading platform for trading Bitcoin, Ethereum, and other cryptocurrencies, announced it has acquired BlockEQ, the leading cryptocurrency wallet on the Stellar network. Coinsquare purchased BlockEQ for $12 million CAD and will leverage BlockEQ's technology to help Coinsquare and its users connect further with the world of cryptocurrencies. See:  House Finance Committee Urges Canadian Government to Regulate Cryptocurrencies "We have enormous respect for what the BlockEQ team brings to Coinsquare," said Cole Diamond, CEO of Coinsquare. "They are one of Canada's best tech teams, and the product they've built is immensely valuable. That combination in partnership with Coinsquare's technology and team means that we have the opportunity to build amazing things for the cryptocurrency community in Canada and far beyond." BlockEQ, which was co-founded by Jonathan Lister, Megha Bambra and Satraj Bambra, is a cryptocurrency wallet that empowers users to buy, trade, and hold cryptocurrencies in a secure manner. It allows for the tokenization of crypto assets in order to allow them ...
Read More
Coinsquare acquires BlockEQ to expand its cryptocurrency offerings
OSC Release | Dec 6, 2018 TORONTO – The Ontario Securities Commission (OSC) is seeking applications for membership on its Fintech Advisory Committee (FAC). The FAC advises OSC LaunchPad staff on developments in the fintech space and the challenges faced by start-ups in the securities industry.  OSC LaunchPad is a dedicated team that engages with fintech businesses, provides guidance and flexibility in navigating securities regulatory requirements, and works to keep regulation in step with digital innovation. The FAC will meet quarterly, with additional meetings as required. The FAC is chaired by Pat Chaukos, Deputy Director, OSC LaunchPad, and will consist of up to 15 members. Membership terms will be for one year.  Members will be selected based on whether they have direct experience in one or more of the following: Digital platforms (e.g., crowdfunding portals, crypto-asset trading platforms, online advisers); Crypto-assets or distributed ledger technologies (e.g., blockchain); Data science or artificial intelligence (AI); Venture capital, financial services, securities, legal or accounting experience with a focus on the fintech or technology sector; Fintech or technology entrepreneurship; Compliance or regulatory technology (RegTech) solutions; or Cryptography or cybersecurity. See:  OSC outlines key areas of focus for 2018-2019 Interested parties should submit a résumé indicating their ...
Read More
OSC Seeks Applications for Fintech Advisory Committee
Coindesk | Nikhilesh De | Nov 30, 2018 Members of VanEck, SolidX and the Cboe BZX Exchange met with U.S. Securities and Exchange Commission (SEC) staff earlier this week to present a new argument on why the bitcoin market is ready for an exchange-traded fund (ETF). In the latest push to convince the regulator to approve a rule change which would open the door for the country’s first bitcoin ETF, the three firms met with the SEC’s Division of Corporation Finance, Division of Trading and Markets, Division of Economic and Risk Analysis and Office of General Counsel. Notably, Monday’s effort differed from previous presentations, which took more of a regulatory focus. See:  OSC approves Canada’s first blockchain ETF Instead, the proponents’ argument centered around the idea that the bitcoin market is mature enough to support an ETF, and at present looks similar to markets for other assets which already have such products. The presentation gave several examples of assets that already have ETFs, including crude oil, silver and gold. The presentation specifically tied the idea of futures markets with spot markets, noting that for money substitutes such as gold and silver, this connection between the two can be proven with empirical ...
Read More
Bitcoin ETF Seekers Met With SEC Monday In Latest Pitch for Approval
Investment Executive | By James Langton | Nov 23, 2018 Many hurdles remain for the CMRA before it becomes a reality Canada’s regulatory landscape faces a transformation as politics, shifting priorities and new legal realities push the investment industry’s overseers in new directions. Most obviously, the prospect of a fundamental reshaping of the regulatory framework in Canada now is, at least, a possibility – given the Supreme Court of Canada’s (SCC) long-awaited decision on Nov. 9, which reversed a lower court’s ruling in Quebec, that declared that a proposed federal/provincial model for a co-operative capital markets regulator is constitutional. But while this decision knocks down a basic legal obstacle for the new model for overseeing the securities industry, that doesn’t mean that the adoption of a co-operative regulator is imminent – or even inevitable. Indeed, the SCC’s decision hints at the significance of the hurdles that still must be cleared before the proposed Capital Markets Regulatory Authority (CMRA) can become a reality in Canada. Although the SCC has found that the proposed CMRA model is constitutional, that doesn’t necessarily mean it is a good idea. “It’s up to the provinces to determine whether participation is in their best interests,” the ...
Read More
Not yet a done deal

 


The National Crowdfunding & Fintech Association of Canada (NCFA Canada) is a cross-Canada non-profit actively engaged with cryptocurrency, blockchain, crowdfunding, alternative finance, fintech, P2P, ICO, and online investing stakeholders globally. NCFA Canada provides education, research, industry stewardship, services, and networking opportunities to thousands of members and subscribers and works closely with industry, government, academia, community and eco-system partners and affiliates to create a strong and vibrant crowdfunding and fintech industry. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: ncfacanada.org

Share