Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don’t)

Coindesk | Wolfie Zhao | June 20, 2018

bithumb Korean exchange hacked - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)On Wednesday, roughly 35 billion Korean won (around $31 million) in cryptocurrency was stolen by hackers from the South Korea-based exchange Bithumb.

Although the breach may not be as severe as the $530 million hack of the Coincheck exchange earlier this year, the fact that Bithumb now ranks as the sixth biggest trading venue in the world still marks it as a notable, and worrying, incident.

While more details about the heist have surfaced in the hours following the event's confirmation, providing a glimpse into Bithumb's internal operations, some important questions about the hack still remain unanswered.

Here's what we know about the hack so far, and some details we still don't.

What we know

XRP compromised

While Bithumb has not yet disclosed full details of the stolen coins, news emerged following the hack that XRP, the native token of the XRP ledger and the world's third-largest cryptocurrency, has been targeted, according to a report from CoinDesk Korea.

Based on data from CoinMarketCap, Bithumb accounted for 10 percent of the global trading volume of XRP over the last 24 hours, with a total of $32 million-worth changing hands.

Bithumb has so far not responded to CoinDesk's request for comment.

IT improvement failed

While Bithumb officially confirmed the breach early Wednesday morning local time, it appears that security issues were already drawing attention from the exchange at least several days ago.

According to a follow-up report from CoinDesk Korea, Bithumb conducted a security enhancement checkup on June 16, just days before the confirmed hack.

The exchange explained at the time:

"Recently, the number of unauthorized access attempts has increased. As such, an urgent server checkup was conducted to strengthen the security of all system."

At the same time, Bithumb also started moving users' assets to a cold wallet to store cryptocurrencies in a more secure offline environment.

The CoinDesk Korea report indicated that the hack comes at a time when Bithumb is spending 10 billion won, or around $9 million dollars annually on security measures. Another report from Yonhap further suggests that Bithumb beefed up its security measures by implementing so-called "5.5.7 regulations" last month.

Under this requirement, at least 5 percent of a financial institution's staff should be IT specialists. Among those, 5 percent should focus on information security, while at least 7 percent of the firm's total budget should be on information security.

See:  The growing cost of cybersecurity

The report from Yonhap stated that 21 percent of Bithumb's employees are technology specialists as of May, and 10 percent of those are responsible for information security. Further, about eight percent of the annual spending budget is used for data protection activities.

Although Bithumb appears to have fulfilled the 5.5.7 requirements, the report said the fact that it has 300 employees means it may not be able to cope with the increasing amount of trading volume and user numbers on its platform.

Government weighs in

An hour before Bithumb confirmed the hack on its website and official Twitter account, the exchange reported the case to the Korea Internet & Security Agency (KISA), a government organization that supervises internet and cybersecurity issues in the country.

An official from KISA said a dedicated analysis team is currently in the process of investigation the hack. As of press time, the agency has not yet disclosed any details from its investigation so far.

Bithumb to refund users

Immediately after announcing the hack, Bithumb confirmed it will pay back victims using its own reserves.

Industry experts later weighed in, including bitcoin pioneer Charlie Shrem, who praised the move despite the unwelcome incident.

"Bithumb hacked for $30 million but covering all losses. Out industry is getting better and stronger," he tweeted.

In addition, litecoin creator Charlie Lee also commented that he believes the smart move is to "keep on exchange coins that you are actively trading. It's best to withdraw right after trading."

This is not the first time that Bithumb was reportedly hacked. As previously reported by CoinDesk, the platform was compromised last year with as many as 30,000 users impacted.

At that time, Bithumb later announced that it would repay each victim with 100,000 Korean won each, an amount worth about $85.

Bitcoin price dips by $200 

According to data from CoinDesk, the price of bitcoin dropped by nearly $200 to a daily low so far of $6,561 an hour after Bithumb initially published the statement. As of press time, the price had bounced back to $6,640.

In addition, as Bithumb has so far only suspended asset deposits and withdrawals, trading activity on the exchange actually appears to be increasing since the news broke. Based on data from CoinMarketCap, 24-hour trading volume was initially seen at around $350 million at the time of the news and later climbed to $380 million around noon local time on Wednesday.

Check out:  Prices Aside, Crypto’s Tech Stack Is Steadily Improving

As of press time, Bithumb still remains the sixth largest platform globally.

What we don't know

Extent of the breach

It appears that XRP is one of the assets stolen in the hack, yet it's still unclear at the moment if other assets have been taken and in what quantities. In addition, it's also not clear the number of users on Bithumb that have been impacted.

In its announcement, Bithumb refrained disclosing these details, adding that it may disclose the hacked tokens today. It has not made any statement on that at press time.

Further, it's not publicly known at this time which wallet addresses the hacked cryptocurrencies have been sent to, or whether any have been liquidated or not.

Currently, there are over 37 cryptocurrency assets on Bithumb that are available for trading against the Korean won. Among them, EOS and TRON together account for over half of the total trading volume on Bithumb, at 31 and 22 percent, respectively.

Continue to the full article --> here

 

latest news - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)

 

Osgoode Professional Development York University | Nov 2019 Strictly Legal, an Osgoode Professional Development podcast, is about all things legal. Each episode, we unpack current issues affecting the legal landscape with the help of some of the industry's leading thinkers. Heated fights over intellectual property are nothing new in promising technology markets. Are we poised for a revolution in the protection of all types of IP?  The blockchain can be used to control and track the distribution of protected IP.  Imagine a world where you could easily register and claim ownership over your original creative works – from music to photos to blogs. With the use of blockchain technology, that world is not so far away. As the world reacts to the current blockchain mania, many businesses in the community are having discussions on what the future of innovation in the blockchain space looks like. This week's guest: Paul Horbal, Bereskin Parr (@horbal) BIO:  Paul Horbal is a partner with Bereskin & Parr LLP. He is a member of the firm’s Electrical & Computer Technology group and is Chair of the Financial Technology group. His practice focuses on patent, industrial design and technology law, with an emphasis on securing and leveraging ...
Read More
OsgoodePD Podcast Strictly Legal - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)
Reuters | Sharon Lam | Nov 8, 2019 Recession gatecrashes Hong Kong’s fintech party HONG KONG (Reuters Breakingviews) - Hong Kong’s economic travails are an unwelcome guest in the city’s fintech party. Enthusiasm for online-only banks was palpable at the Fintech Week conference. Yet months of political unrest have hit small businesses, and the added risks may delay local launches by the likes of Standard Chartered and Tencent. Attendees this week descended on Hong Kong’s Lantau Island for the financial hub’s fourth annual gathering. With appearances from top officials like Financial Secretary Paul Chan to executives at Singapore’s $14 billion Grab and other rising stars, there was plenty of buzz. Hot topics included central bank digital currencies and cross-border payments. See:  News on China cryptocurrency and more reforms Virtual banks, as these branchless outfits are known in Hong Kong, took centre stage. Earlier this year, Hong Kong authorities granted eight licenses for such firms to offer payments, deposits and other services, in a long overdue shakeup. HSBC, Bank of China Hong Kong, Hang Seng Bank and Standard Chartered account for some three-quarters of the city’s mortgages and two-thirds of retail loans. Online challengers, including a joint venture between Chinese handset ...
Read More
HK - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)
TLT Solicitors | Daniel Lloyd | Sept 2019 Who is liable when AI goes wrong? Let us take the example of Tesla, whose vehicles have been involved in two similar fatal crashes since 2016. In both cases the vehicle failed to see a lorry cross its path and travelled into the lorry shearing off the top of the car, thereby causing both drivers to suffer fatal injuries. Should Tesla be liable for the crash? At what point should a driver no longer have any liability for what the car is doing? At the moment the Department of Transport in the USA adheres to the automation standards set out by the SAE which run from “level 0” (no automation) to “level 6” (full automation). It is accepted that Tesla’s Autopilot driverless software system is no more than a level 2 or 3 on this scale, both of which require the driver to remain in control of the vehicle when driving. So from a public law perspective at least, Tesla is not being held liable for the two crashes that occurred if, as appears to be the case, the drivers were not in control of the vehicles at the time they crashed ...
Read More
intellectual property and AI - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)
American Banker | Nov 6, 2019 JPMorgan Chase has long feared that technology giants will act more and more like banks. The firm’s surprising solution: help them do it. The bank has spent the last year developing an e-wallet tailored for companies such as Airbnb, Lyft and Amazon that it says could help online marketplaces and companies in the gig economy defend against getting cut out of the businesses they helped create. In the process, they’ll look a little more like banks. The JPMorgan product would give tech companies the ability to provide millions of customers virtual bank accounts and to offer perks such as car loans or discounts on home rentals to those who keep money stashed there. The more customers use their virtual accounts to pay for services, the less the companies would have to spend on payment-processing fees to third parties such as JPMorgan. See:  JP Morgan is rolling out the first US bank-backed cryptocurrency to transform payments business “A company’s biggest fear is that once they establish a commerce-type relationship, they can’t maintain the end user, and they leave the ecosystem because they now have a direct relationship with the seller,” Matt Loos, a managing director ...
Read More
jamie dimon - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)
Markets Insider | Ben Winck | Nov 8, 2019 Robinhood's "infinite leverage" glitch has placed the company back under regulator scrutiny, which could result in a fine, Bloomberg reported Thursday. One person on the WallStreetBets sub-Reddit — the forum where much of the discussion around the glitch has taken place — described the bug as an "infinite money cheat code." The Securities and Exchange Commission and the Financial Industry Regulatory Authority are the two agencies most likely to investigate the matter. Both have the authority to levy fines for financially-irresponsible behavior. The glitch that allowed traders to borrow limitless amounts of capital was exploited by about 20 users and led to losses of less than $100,000 for Robinhood, a source familiar with the matter told Bloomberg. Members of the WallStreetBets subreddit discovered the bug in late October, with one user deeming it an "infinite money cheat code." The bug allowed traders to borrow seemingly-limitless amounts of capital without posting enough cash as collateral. The glitch was exploited by about 20 Robinhood Gold users and led to losses of less than $100,000 for the company, a source familiar with the matter told Bloomberg. The Securities and Exchange Commission and the Financial ...
Read More
vault door - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)
Betakit | Isabelle Kirkwood Nov 8, 2019 Vancouver-based FinTech startup Grow Technologies, which develops software solutions in the loan management space, has been acquired by Alberta’s ATB Financial. The purchase price was not disclosed. “With the Grow assets and team, we are strengthening that position by accelerating our digital experience for our customers.” Through the acquisition, the majority of Grow’s team members, including founder and CEO Kevin Sandhu (who authors BetaKit’s yearly Canadian Tech Companies to Watch list), will transition to the ATB team. ATB said its customers will begin to use Grow’s digital services within the next few months. Customers will have access to Grow’s digital platform, which was designed to help financial institutions acquire new users and grow wallet share with existing users. “The entire Grow team is excited about a new chapter ahead of us as we look to bring our FinTech solutions and expertise to ATB,” Sandhu told BetaKit. Grow offers a range of cloud-based digital banking solutions spanning retail and business banking. Founded in 2014, the company has developed a variety of software solutions, including account opening and lending for SMEs and retail, a personalized financial health tool, and Finsnap, a bank account data aggregator ...
Read More
Kevin Sandhu - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)
Mavennet and US Department Homeland Security | Patrick Mandic | Nov 6, 2019 WASHINGTON – The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has awarded $182,700 to Toronto-based Mavennet Systems, Inc. to adapt its oil and gas industry blockchain security technology for Custom Border Protection (CBP) to track cross-border oil imports. “Accurately tracking the evidence of oil flow through pipelines and refinement between the U.S. and Canada and attributing oil imports with the accurate composition and country of origin are of great interest to U.S. Customs and Border Protection (CBP),” said Anil John, S&T’s SVIP Technical Director. “Mavennet’s platform could provide this digital auditability while ensuring broad interoperability by supporting emerging World Wide Web Consortium standards such as decentralized identifiers and verifiable credentials.” Mavennet Systems, Inc. Phase 1 award project “Blockchain-as-a-Service for Cross-Border Oil Exchange” will apply the company’s expertise, gleaned from building a platform enabling real-time auditability of the natural gas trading markets in Canada, to address CBP needs for cross-border oil import tracking. Mavennet’s solution will build a generic end-to-end platform that can be used for any type of commodity that includes automation and integrating application program interface, physical measurement and legacy system capabilities. See:  President ...
Read More
mavennet - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)
FastCompany | Howard Yu and Jialu Shan | Nov 6, 2019 Despite Facebook’s reach, IMD professor Howard Yu and research fellow Jialu Shan break down how its Libra digital currency is no match for legacy financial institutions. To understand the impact of Visa’s and Mastercard’s withdrawal to Libra is to understand their enormous influence in fintech innovation in the Western world. At the International Institute for Management Development (IMD), we track how likely a firm is to successfully leap toward a new knowledge frontier in its effort to prepare for the future. We specifically measure how ready the industry incumbents in the financial sectors are for new areas such as robo-advisers, cryptocurrency and blockchain, artificial intelligence, mobile services and mobile payments, and application programming interfaces (APIs). To achieve a balanced and robust measurement, we take note of the “health” of a company’s ongoing business through its cash flow, operating margins, and rising revenues. But for that healthy cash flow to be effectively deployed into new areas, executives need to see beyond their day-to-day operations and be capable of challenging the long-held assumptions of the industry. This process demands diversity in a company’s workforce, which is represented by gender and nationality ...
Read More
american dollar - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)
TechCrunch | Arman Tabatabai | Nov 6, 2019 Over the past several years, ‘fintech’ has quietly become the unsung darling of venture. A rapidly swelling pool of new startups is taking aim at the large incumbent institutions, complex processes and outdated unfriendly interfaces that mar billion dollar financial services verticals, such as insurtech, consumer lending, personal finance, or otherwise. In just the past summer, the startup community saw a multitude of hundred-million dollar fintech fundraises. In 2018, fintech companies were the source of close to 1,300 venture deals worth over $15 billion in North America and Europe alone according to data from Pitchbook. Over the same period, KPMG estimates that over $52 billion in investment pour into fintech initiatives globally. See:  How to Value a Fintech Startup With the non-stop stream of venture capital flowing into the never-ending list of spaces that fall under the ‘fintech’ umbrella, we asked 12 leading fintech VCs who work at firms that span early to growth stages to share where they see the most opportunity and how they see the market evolving over the long-term. The participants touched on a number of key trends in the space, including rapid innovation in fintech infrastructure, fintech ...
Read More
top VC fintech insights - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)
Crowdfund Insider | JD Alois | Nov 5, 2019 Last month, Crowdfund Insider reported on comments by EC Vice President Valdis Dombrovskis, a Commissioner whose portfolio includes Financial Stability, Financial Services, and the Capital Markets Union, indicating harmonized crowdfunding rules may be forthcoming before the end of the year. In a tweet, Dombrovskis stated there is a “willingness to move forward and find compromises, hopefully still this year” (on investment crowdfunding). Harmonization across all EU member states could dramatically help European SMEs and entrepreneurs access much-needed growth capital.  Platforms could operate across national borders with the assurance of a single set of regulations. Currently, investment crowdfunding platforms must adhere to national, member state rules which vary dramatically across Europe. This fragmented ecosystem stands in stark contrast to what the European Union ostensibly seeks to achieve. Capital Markets Union has been a longstanding and obvious policy goal of Europe, but while simple in concept, the reality has been far more difficult to accomplish. The most robust market for investment crowdfunding remains the UK – a country that will sometime soon exit Europe. While the UK platforms will continue to provide online capital formation across the continent, a single set of rules ...
Read More
Europe - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)

 


NCFA Jan 2018 resize - Bithumb $31 Million Crypto Exchange Hack: What We Know (And Don't)The National Crowdfunding & Fintech Association of Canada (NCFA Canada) is a cross-Canada non-profit actively engaged with cryptocurrency, blockchain, crowdfunding, alternative finance, fintech, P2P, ICO, and online investing stakeholders globally. NCFA Canada provides education, research, industry stewardship, services, and networking opportunities to thousands of members and subscribers and works closely with industry, government, academia, community and eco-system partners and affiliates to create a strong and vibrant crowdfunding and fintech industry. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: ncfacanada.org