Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don’t)

Share

Coindesk | Wolfie Zhao | June 20, 2018

On Wednesday, roughly 35 billion Korean won (around $31 million) in cryptocurrency was stolen by hackers from the South Korea-based exchange Bithumb.

Although the breach may not be as severe as the $530 million hack of the Coincheck exchange earlier this year, the fact that Bithumb now ranks as the sixth biggest trading venue in the world still marks it as a notable, and worrying, incident.

While more details about the heist have surfaced in the hours following the event's confirmation, providing a glimpse into Bithumb's internal operations, some important questions about the hack still remain unanswered.

Here's what we know about the hack so far, and some details we still don't.

What we know

XRP compromised

While Bithumb has not yet disclosed full details of the stolen coins, news emerged following the hack that XRP, the native token of the XRP ledger and the world's third-largest cryptocurrency, has been targeted, according to a report from CoinDesk Korea.

Based on data from CoinMarketCap, Bithumb accounted for 10 percent of the global trading volume of XRP over the last 24 hours, with a total of $32 million-worth changing hands.

Bithumb has so far not responded to CoinDesk's request for comment.

IT improvement failed

While Bithumb officially confirmed the breach early Wednesday morning local time, it appears that security issues were already drawing attention from the exchange at least several days ago.

According to a follow-up report from CoinDesk Korea, Bithumb conducted a security enhancement checkup on June 16, just days before the confirmed hack.

The exchange explained at the time:

"Recently, the number of unauthorized access attempts has increased. As such, an urgent server checkup was conducted to strengthen the security of all system."

At the same time, Bithumb also started moving users' assets to a cold wallet to store cryptocurrencies in a more secure offline environment.

The CoinDesk Korea report indicated that the hack comes at a time when Bithumb is spending 10 billion won, or around $9 million dollars annually on security measures. Another report from Yonhap further suggests that Bithumb beefed up its security measures by implementing so-called "5.5.7 regulations" last month.

Under this requirement, at least 5 percent of a financial institution's staff should be IT specialists. Among those, 5 percent should focus on information security, while at least 7 percent of the firm's total budget should be on information security.

See:  The growing cost of cybersecurity

The report from Yonhap stated that 21 percent of Bithumb's employees are technology specialists as of May, and 10 percent of those are responsible for information security. Further, about eight percent of the annual spending budget is used for data protection activities.

Although Bithumb appears to have fulfilled the 5.5.7 requirements, the report said the fact that it has 300 employees means it may not be able to cope with the increasing amount of trading volume and user numbers on its platform.

Government weighs in

An hour before Bithumb confirmed the hack on its website and official Twitter account, the exchange reported the case to the Korea Internet & Security Agency (KISA), a government organization that supervises internet and cybersecurity issues in the country.

An official from KISA said a dedicated analysis team is currently in the process of investigation the hack. As of press time, the agency has not yet disclosed any details from its investigation so far.

Bithumb to refund users

Immediately after announcing the hack, Bithumb confirmed it will pay back victims using its own reserves.

Industry experts later weighed in, including bitcoin pioneer Charlie Shrem, who praised the move despite the unwelcome incident.

"Bithumb hacked for $30 million but covering all losses. Out industry is getting better and stronger," he tweeted.

In addition, litecoin creator Charlie Lee also commented that he believes the smart move is to "keep on exchange coins that you are actively trading. It's best to withdraw right after trading."

This is not the first time that Bithumb was reportedly hacked. As previously reported by CoinDesk, the platform was compromised last year with as many as 30,000 users impacted.

At that time, Bithumb later announced that it would repay each victim with 100,000 Korean won each, an amount worth about $85.

Bitcoin price dips by $200 

According to data from CoinDesk, the price of bitcoin dropped by nearly $200 to a daily low so far of $6,561 an hour after Bithumb initially published the statement. As of press time, the price had bounced back to $6,640.

In addition, as Bithumb has so far only suspended asset deposits and withdrawals, trading activity on the exchange actually appears to be increasing since the news broke. Based on data from CoinMarketCap, 24-hour trading volume was initially seen at around $350 million at the time of the news and later climbed to $380 million around noon local time on Wednesday.

Check out:  Prices Aside, Crypto’s Tech Stack Is Steadily Improving

As of press time, Bithumb still remains the sixth largest platform globally.

What we don't know

Extent of the breach

It appears that XRP is one of the assets stolen in the hack, yet it's still unclear at the moment if other assets have been taken and in what quantities. In addition, it's also not clear the number of users on Bithumb that have been impacted.

In its announcement, Bithumb refrained disclosing these details, adding that it may disclose the hacked tokens today. It has not made any statement on that at press time.

Further, it's not publicly known at this time which wallet addresses the hacked cryptocurrencies have been sent to, or whether any have been liquidated or not.

Currently, there are over 37 cryptocurrency assets on Bithumb that are available for trading against the Korean won. Among them, EOS and TRON together account for over half of the total trading volume on Bithumb, at 31 and 22 percent, respectively.

Continue to the full article --> here

 

 

NCFA Canada | Sep 21, 2018 Ep10-Sep 21: A Regtech-based Blockchain KYC Solution for Document Custody About this episode: On this episode, our host Manseeb Khan sits down with the CEO of Commercial Passport Brice Penaud. They chat about what KYC looks like in blockchain, how fintech and regtech can work alongside with governments, and the benefits of creating a digital identity. Enjoy! Host: Manseeb Khan, NCFA, Fintech Fridays show host Guest: Brice Penaud, CEO, Commercial Passport Bio: Commercial Passport provides global digital KYC solutions, helping financial institutions reduce the time to on-board clients by automating beneficial ownership analysis and client document maintenance. Based in Toronto, Canada, Commercial Passport’s Universal KYC Solution is a paradigm shift in KYC collection, providing senders and receivers a clear chain of custody for KYC documents through blockchain technology. Subscribe and tune in each Friday to check out the latest movers and shakers in fintech. Listen to more Fintech Fridays podcasts here Transcription of Interview Manseeb Khan: Hey Everybody how are you doing today Manseeb Khan here . And you tuning in to Fintech Friday's today. I have. OK. I know I see this every episode. But I do have a really incredible guest today ...
Read More
FINTECH FRIDAY$ (EP.10-Sep 21):  A Regtech-based Blockchain KYC Solution for Document Custody with Brice Penaud, CEO Commercial Passport
The Globe and Mail | Clare O’Hara | Sep 20, 2018 Cryptocurrency trading platform Coinsquare is moving into the exchange-traded fund business as its investment management division launches two new technology funds. Coin Capital Investment Management Inc., a portfolio management subsidiary established in July, has become the 30th ETF provider in Canada with the launch of two new ETFs focused on global emerging technologies. With a management fee of 0.64 per cent, the Coincapital STOXX Blockchain Patents Innovation Index Fund (LDGR) and the Coincapital STOXX B.R.AI.N. Index Fund (THNK) began trading Thursday morning on the Toronto Stock Exchange. “Canadians know technologies like AI and the blockchain are going to change the way we live and work, but it can be difficult to access high-quality investments in these sectors without deep domain expertise,” said Coin Capital CEO Lewis Bateman. Blockchain is an online digital ledger. Once a transaction is completed, it goes into a blockchain database and is kept as a permanent, secure record. It is most commonly known as the technology behind the booming cryptocurrency bitcoin, which soared above US$18,000 last December. See:  Coinsquare launches Coin Capital Investment Management Inc. to help Canadians invest in emerging technology LDGR will aim ...
Read More
Coinsquare moves into ETF business with two new funds
FastCompany | By Lydia Dishman | Sep 20, 2018 When you have a technology that’s only 10 years old, women and underrepresented minorities have the chance to change this corner of the tech industry. Yael Rozencwajg recently had an experience that was unusual for a woman in tech. Speaking at a conference for executives in the blockchain and Internet of Things (IoT) space, Rozencwajg found herself explaining the digital ledger system that forms the basis of blockchain technology to about 200 people, most of whom were white, male CEOs. “There was a lot they didn’t know,” the founder of startup Blockchain Israel tells Fast Company. The difference was that the audience was respectful and deferential, despite the prevailing reality that when women are outnumbered in a work setting like this, several studies show that they are talked over, interrupted, or simply ignored. Rozencwajg chalks it up to the relative newness of the blockchain space. The technology is only 10 years old and was initially used to record bitcoin transactions. But its applications have since moved from solely recording bitcoin and other digital currency transfers to smart contracts and other transactions that need the security that an immutable record can provide ...
Read More
Meet the women who are making sure blockchain is inclusive
Blockchain is here – so what next? The Blockchain Developer Opportunity If you are a software engineer interested in emerging high growth project opportunities, you’ll want to ensure your technical skills are polished and you have access to proper training and resources. There is a significant shortage of skilled Blockchain developers unable to meet the demand of emerging projects! NCFA is pleased to announce an inaugural educational partnership with the Blockchain Learning Group offering a special introductory rate to attend an immersive, 2-day Blockchain developer training course on decentralized application development to help fill the gap of skilled engineers while connecting graduates to project opportunities. According to a recent 2018 PwC survey, 84% of 600 executive responders confirmed some involvement with Blockchain technology from proof of concepts to well capitalized international scale-ups and incumbents looking to modernize legacy systems. Distributed and immutable ledger applications are evolving rapidly with uses cases that improve trust and transparency for many business processes while distributing transactions to a decentralized network in a way that reduces costs and eliminates intermediaries. While crypto markets have exceeded $200 billion in just the last 2 years alone, the underlying technology is forecasted to disrupt almost every vertical with ...
Read More
Immersive 2-day Blockchain Developer Training Course (Nov 10-11, Toronto): Decentralized Application Development
Incipient Industries | Steven Dryall | Sep 19, 2018 Incipient Industries Releases Whitepaper Describing How Cryptocommodities  Are Created and Used As The Basis For A Stable Cryptocurrency Toronto, ON, Canada, September 17, 2018 - Incipient Industries Inc. announces the release of the definitive whitepaper on the subject of cryptocommodities. Following years of development combined with the dissemination of information related to cryptocurrency viability and asset- based cryptocurrencies, an actual description of how to deploy a cryptocommodity  is now available. This is a first in the burgeoning cryptocurrency industry and represents a significant step towards a stabilized digital economy. The cryptocurrency industry is still developing and discovering ways to integrate with traditional financial systems or to replace them altogether. The introduction of cryptocoomodities into the cryptosphere creates a new category of opportunities for pioneers in the space. For those seeking a solution to a stable cryptocurrency, this is the best path to success. See:  3 Clever Ways To Reach Crypto Price Stability, And One Giant Leap Of Faith “This is a perfect use case for cryptocurrency and also follows the Three Pillars of a Viable Cryptocurrency framework.” says Steven Dryall, CEO of Incipient Industries, who has pioneered several key concepts of ...
Read More
Whitepaper Provides Information About Cryptocommodities As The Basis For A Stable Cryptocurrency
Bloomberg | Joshua Brustein | Sep 4, 2018 With fewer than 100 residents, Ocean Falls is looking for a revival after almost four decades of industrial false starts. In 1971, an 11th grader named Greg Strebel wrote the introduction to a book about Ocean Falls, the tiny town in the British Columbian hinterlands where he lived. Strebel mentioned the odd fact that many of the town’s roads were made of wood, said the weather wasn’t as bad as some people made it out to be and noted that it had just gotten a new school building. But the one thing that mattered above all, according to Strebel, was the paper mill. “To most, 'the mill’ imparts a sense of security by its presence,” he wrote. “A low throb of power is audible throughout most of the town as long as the mill runs, accompanied by voluminous exhalations of steam.” The security provided by the mill turned out to be fleeting. It went silent when Strebel was in his 20s. Most of the buildings in Ocean Falls that haven’t been demolished over the decades are crumbling in place, and Strebel, along with most everyone who once lived there, is long gone. A ...
Read More
The Bitcoin Boom Reaches a Canadian Ghost Town
Australian Financial Review | Michael Bailey | Sep 12, 2018 Businesses wishing to raise money from retail investors will no longer have to convert to an unlisted public company structure, after an amendment to 2017's equity crowdfunding legislation passed federal Parliament. The legislation, which takes effect in 28 days from Wednesday, allows proprietary companies or unlisted public companies with annual turnover or gross assets of up to $25 million to advertise their business plans on ASIC-licensed crowdfunding portals, and raise up to $5 million a year to carry them out. Investors can put up to $10,000 a year each into an unlimited number of ideas. Australian private companies are typically limited to a maximum of 50 non-employee shareholders. However, under these reforms, investors acquiring shares through a crowdfunding portal are excluded from this cap, allowing private companies to raise funds from potentially hundreds or thousands of investors. See:  Australia and UK set up FinTech Bridge to deepen collaboration between governments, regulators, and industry bodies Proprietary companies with crowdfunded shareholders will have to prepare annual financial and directors' reports in accordance with accounting standards. Only large proprietary companies, defined as those with any two of either $25 million turnover or above, $12.5 million of gross ...
Read More
$5 million Equity crowdfunding extended to private companies
NCFA Sponsored guest post | Sep 18, 2018 “You are such a worry-wart.” This is the common reaction I get whenever I tell people about how I like to plan ahead. They tell me that I’m too overreacting, that I live too much for the future and not for the present, and that I really don’t get the concept of YOLO. I really don’t give a darn about what these people say. They’re impractically wasting their time, breath, and energy trying to change how I live my life. What if I’m so gung-ho about planning for the future? What if I’m too overly prepared even my future dogs and cats will be feasting every single day? It’s still better than having no insurance. It’s still better than having my children carry my weight. Lastly, it’s still better than being ill-prepared. See:  What Can Traditional Banks Learn From Fintech? If I were to choose between too much and too little, I’d choose too much any day. After all, what’s wrong with having so much you could spare a ton? It’s a thousand times better than having to ask for financial aid because you have so little. Do you get me? I ...
Read More
Why Life Insurance Policies Matter
Forbes | Michael del Castillo | Sep 17, 2018 People keep asking me, what’s the deal with stablecoins? With two prominent regulatory approvals to issue the blockchain-based tokens, many have heralded them as the next evolution of cryptocurrency, while others say they’re perfect evidence of why no one ever needed cryptocurrency in the first place. On a basic level, a stablecoin is a token that has a mechanism in place to minimize its price fluctuations. Unlike traditional cryptocurrencies such as bitcoin and ether, which are directly tied to their wildly fluctuating demand, a stablecoin can rely on four methods to constrain its fluctuations. See:  One SEC commissioner is establishing herself as the voice of innovation for the crypto market The first and by far most popular way to achieve this stability is to peg the price of the token to a more stable asset like the U.S. dollar. This is what both the Gemini and Paxos cryptocurrency exchanges received permission to do from the New York Department of Financial Services last week. Unlike bitcoin and ethereum, which are created through a mining process that also ensures the blockchain’s accuracy, these stablecoins are only created when someone buys them with U.S. dollars. Gemini and Paxos ...
Read More
3 Clever Ways To Reach Crypto Price Stability, And One Giant Leap Of Faith
NCFA Canada | Sep 14, 2018 Ep9-Sep 14: Curexe's New SmartPay Product & Front-line of Global Digital Payments About this episode:  On this episode our host Manseeb Khan sits down with the CEO And founder of Curexe, so chat about their new product called SmartPay! They also talked about how A.I is going to touch the payments and every other industry, regulations that could be in place when accepting crypto and many more. Enjoy! Host: Manseeb Khan, NCFA, Fintech Fridays show host Guest: Johnathan Holland, Founder and CEO, Curexe Bio:  Johnathan Holland's experience comes from a decade of learning about capital markets and a relentless pursuit of providing better customer experiences in the payments and currency exchange industry. Johnathan’s advantage has been to look at the currency exchange industry in a new light, which enabled him to create a new, better way to empower the businesses that are underserved by their current solutions.  Johnathan graduated from the 2016 cohort of the Next 36 accelerator program that helps young entrepreneurs build high impact businesses and is currently running the company out of the DMZ.  LinkedIn profile Join NCFA's weekly Podcast series 'FINTECH FRIDAY$' where we sit down with the incredible people ...
Read More
FINTECH FRIDAY$ (EP.9-Sep 14):  Curexe's New SmartPay Product & Front-line of Global Digital Payments with Johnathan Holland, Founder of Curexe

 


The National Crowdfunding & Fintech Association of Canada (NCFA Canada) is a cross-Canada non-profit actively engaged with cryptocurrency, blockchain, crowdfunding, alternative finance, fintech, P2P, ICO, and online investing stakeholders globally. NCFA Canada provides education, research, industry stewardship, services, and networking opportunities to thousands of members and subscribers and works closely with industry, government, academia, community and eco-system partners and affiliates to create a strong and vibrant crowdfunding and fintech industry. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: ncfacanada.org

Share