On Wednesday, toughly 35 billion Korean won (around $31 million) te cryptocurrency wasgoed stolen by hackers from the South Korea-based exchange Bithumb.
Albeit the breach may not be spil severe spil the $530 million hack of the Coincheck exchange earlier this year, the fact that Bithumb now ranks spil the sixth largest trading venue ter the world still marks it spil a importante, and worrying, incident.
While more details about the heist have surfaced ter the hours following the event’s confirmation, providing a peek into Bithumb’s internal operations, some significant questions about the hack still remain unanswered.
Here’s what wij know about the hack so far, and some details wij still don’t.
What wij know
XRP reportedly compromised
While Bithumb has not yet disclosed details of the stolen coins, news emerged following the hack that XRP, the native token of the XRP ledger, the world’s third-largest cryptocurrency, may have bot targeted, according to reports from CoinDesk Korea and news agency Yonhap.
Based on gegevens from CoinMarketCap, Bithumb accounted for Ten procent of the completo trading volume of XRP overheen the last 24 hours, with a total of $32 million-worth switching mitts.
Bithumb has so far not responded to CoinDesk’s request for comment.
IT improvement failed
While Bithumb officially confirmed the breach early Wednesday morning almacén time, it shows up that security issues were already drawing attention from the exchange at least several days ago.
According to a follow-up report from CoinDesk Korea, Bithumb conducted a security enhancement checkup on June 16, just days before the confirmed hack.
The exchange explained at the time:
“Recently, the number of unauthorized access attempts has enlargened. Spil such, an urgent server checkup wasgoed conducted to strengthen the security of all system.”
At the same time, Bithumb also began moving users’ assets to a cold wallet to store cryptocurrencies te a more secure offline environment.
The CoinDesk Korea report indicated that the hack comes at a time when Bithumb is spending Ten billion won, or around $9 million dollars annually on security measures. Another report from Yonhap further suggests that Bithumb beefed up its security measures by implementing so-called “5.Five.7 regulations” last month.
Under this requirement, at least Five procent of a financial institution’s staff should be IT specialists. Among those, Five procent should concentrate on information security, while at least 7 procent of the rigid’s total budget should be on information security.
The report from Yonhap stated that 21 procent of Bithumb’s employees are technology specialists spil of May, and Ten procent of those are responsible for information security. Further, about eight procent of the annual spending budget is used for gegevens protection activities.
Albeit Bithumb shows up to have fulfilled the Five.Five.7 requirements, the report said the fact that it has 300 employees means it may not be able to cope with the enlargening amount of trading volume and user numbers on its toneelpodium.
Government weighs te
An hour before Bithumb confirmed the hack on its webstek and official Twitter account, the exchange reported the case to the Korea Internet & Security Agency (KISA), a government organization that supervises internet and cybersecurity issues te the country.
An official from KISA said a dedicated analysis team is presently te the process of investigation the hack. Spil of press time, the agency has not yet disclosed any details from its investigation so far.
Bithumb to refund users
Instantly after announcing the hack, Bithumb confirmed it will pay back victims using its own reserves.
Industry experts straks weighed ter, including bitcoin pioneer Charlie Shrem, who praised the budge despite the unwelcome incident.
“Bithumb hacked for $30 million but covering all losses. Out industry is getting better and stronger,” he tweeted.
Ter addition, litecoin creator Charlie Lee also commented that he believes the brainy budge is to “keep on exchange coins that you are actively trading. It’s best to withdraw right after trading.”
This is not the very very first time that Bithumb wasgoed reportedly hacked. Spil previously reported by CoinDesk, the toneelpodium wasgoed compromised last year with spil many spil 30,000 users impacted.
At that time, Bithumb zometeen announced that it would repay each victim with 100,000 Korean won each, an amount worth about $85.
Bitcoin price dips by $200
According to gegevens from CoinDesk, the price of bitcoin dropped by almost $200 to a daily low so far of $6,561 an hour after Bithumb primarily published the statement. Spil of press time, the price had bounced back to $6,640.
Ter addition, spil Bithumb has so far only suspended asset deposits and withdrawals, trading activity on the exchange actually emerges to be enlargening since the news broke. Based on gegevens from CoinMarketCap, 24-hour trading volume wasgoed originally seen at around $350 million at the time of the news and straks climbed to $380 million around noon nave time on Wednesday.
Spil of press time, Bithumb still remains the sixth largest toneelpodium globally.
What wij don’t know
Extent of the breach
Aside from reports telling that XRP is one of the assets that wasgoed stolen ter the hack, it’s still unclear at the uur what other assets have bot lost and ter what quantities. Te addition, it’s also not clear the number of users on Bithumb that have bot impacted.
Te its announcement, Bithumb refrained disclosing thesis details, adding that it may disclose the hacked tokens today. It has not made any statement on that at press time.
Further, it’s not publicly known at this time which wallet addresses the hacked cryptocurrencies have bot sent to, or whether any have bot liquidated or not.
Presently, there are overheen 37 cryptocurrency assets on Bithumb that are available for trading against the Korean won. Among them, EOS and TRON together account for overheen half of the total trading volume on Bithumb, at 31 and 22 procent, respectively.
Cause of the breach
At this stage, Bithumb has not officially announced what exactly permitted the hackers to access its system, strafgevangenis has it provided an estimated timeline for when asset deposits and withdrawals will resume.
Presently, the cybersecurity division of South Korea’s National Police Agency has sent seven investigators to Bithumb’s office ter Seoul to conduct interviews and inspect servers, according to a report from Yonhap.
However, the news agency cited anonymous sources from the industry that malicious emails had bot sent to Bithumb users earlier this month. This possibly led to the hack, spil hackers would be able to obtain account information if users clicked on linksom inwards the phishing email.
It remains to be seen whether more details on the cause will be forthcoming spil the investigations by the rock-hard and the authorities proceed.
Bithumb’s hack marks the 2nd cyber incident te the crypto industry te South Korea ter latest days, and its 2nd te less than a year. Less than two weeks ago, a breach at Coinrail is thought to have seen $40 million-worth of cryptocurrencies stolen. While, last year, a hack of the Youbit exchange notably led to the exchange filing for bankruptcy.
Speciaal from requiring domestic exchanges to enforce a real-name verification process, financial watchdogs ter South Korea have not yet made any concrete stir ter regards to regulating exchanges te a seguro framework.
It remains to be seen whether the Financial Services Commission will take a similar stance to its counterpart ter the neighboring Japan.
Following the sobresaliente hack of Mt. Gox te 2014, which wasgoed the largest cryptocurrency exchange at the time, regulators ter Japan moved to launch a permitido framework te that would permit the authorities to punt licenses to qualifying exchanges.
Won pic via Shutterstock
The leader ter blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a rigorous set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests te cryptocurrencies and blockchain startups.