On Wednesday, toughly 35 billion Korean won (around $31 million) te cryptocurrency wasgoed stolen by hackers from the South Korea-based exchange Bithumb.
Albeit the breach may not be spil significant spil the $530 million hack of the Coincheck exchange earlier this year, the fact that Bithumb now ranks spil the sixth fattest trading venue te the world still marks it spil a trascendental, and worrying, incident.
While more details about the heist have surfaced te the hours following the event’s confirmation, providing a peek into Bithumb’s internal operations, some significant questions about the hack still remain unanswered.
Here’s what wij know about the hack so far, and some details wij still don’t.
What wij know
XRP reportedly compromised
While Bithumb has not yet disclosed details of the stolen coins tapkast their dollar amount, news emerged following the hack that XRP, the native token of the Ripple protocol, may have bot targeted, according to reports from ExposedCrypto Korea and news agency Yonhap.
Based on gegevens from CoinMarketCap, Bithumb accounted for Ten procent of the universal trading volume of XRP overheen the last 24 hours, with a total of $32 million-worth switching arms.
Bithumb has so far not responded to ExposedCrypto’s request for comment.
IT improvement failed
While Bithumb officially confirmed the breach early Wednesday morning particular time, it shows up that security issues were already drawing attention from the exchange at least several days ago.
According to a follow-up report from ExposedCrypto Korea, Bithumb conducted a security enhancement checkup on June 16, just days before the confirmed hack.
The exchange explained at the time:
“Recently the number of unauthorized access attempts has enlargened. Spil such, an urgent server checkup wasgoed conducted to strengthen the security of all system.”
At the same time, Bithumb also embarked moving users’ assets to a cold wallet to store cryptocurrencies ter a more secure offline environment.
The ExposedCrypto Korea report indicated that the hack comes at a time when Bithumb is spending Ten billion won, or around $9 million dollars annually on security measures. Another report from Yonhap further suggests that Bithumb beefed up its security measures by implementing so-called “5.Five.7 regulations” last month.
Under this requirement, at least five procent of a financial institution’s staff should be IT specialists. Among those, five procent should concentrate on information security, while at least seven procent of the hard’s total budget should be on information security.
The report from Yonhap stated that 21 procent of Bithumb’s employees are technology specialists spil of May, and Ten procent of those are responsible for information security. Further, about eight procent of the annual spending budget is used for gegevens protection activities.
Albeit Bithumb shows up to have fulfilled the Five.Five.7 requirements, the report said the fact that it has 300 employees means it may not be able to cope with the enhancing amount of trading volume and user numbers on its toneel.
Government weighs te
An hour before Bithumb confirmed the hack on its webstek and official Twitter account, the exchange reported the case to the Korea Internet & Security Agency (KISA), a government organization that supervises internet and cybersecurity issues te the country.
An official from KISA said a dedicated analysis team is presently te the process of investigation the hack. Spil of press time, the agency has not yet disclosed any details from its investigation so far.
Bithumb to refund users
Instantaneously after announcing the hack, Bithumb confirmed it will pay back victims using its own reserves.
Industry experts zometeen weighed ter, including bitcoin pioneer Charlie Shrem, who praised the budge despite the unwelcome incident.
“Bithumb hacked for $30 million but covering all losses. Out industry is getting better and stronger,” he tweeted.
Te addition, litecoin creator Charlie Lee also commented that he believes the clever stir is to “keep on exchange coins that you are actively trading. It’s best to withdraw right after trading.”
Another day, another hack. Hopefully BitThumb is able to voorkant this amount, tho’ $30MM is not a petite amount.
Spil I’ve said many times, be wise and only keep on exchange coins that you are actively trading. It’s best to withdraw right after trading. https://t.co/8YpVcHx8tK
This is not the very very first time that Bithumb wasgoed reportedly hacked. Spil previously reported by ExposedCrypto, the toneel wasgoed compromised last year with spil many spil 30,000 users impacted. At that time, Bithumb zometeen announced that it would repay each victim with 100,000 Korean won each, an amount worth about $85.
Bitcoin price dips by $200
According to gegevens from ExposedCrypto, the price of bitcoin dropped by almost $200 to a daily low so far of $6,561 an hour after Bithumb primarily published the statement. Spil of press time, the price had bounced back to $6,640.
Te addition, spil Bithumb has so far only suspended asset deposits and withdrawals, trading activity on the exchange actually emerges to be enhancing since the news broke. Based on gegevens from CoinMarketCap, 24-hour trading volume wasgoed originally seen at around $350 million at the time of the news and straks climbed to $380 million around noon tópico time on Wednesday.
Spil of press time, Bithumb still remains the sixth largest verhoging globally.
What wij don’t know
Extent of the breach
Aside from reports telling that XRP is one of the assets that wasgoed stolen te the hack, it’s still unclear at the uur what other assets have bot lost and te what quantities. Ter addition, it’s also not clear the number of users on Bithumb that had bot impacted.
Ter its announcement, Bithumb refrained disclosing thesis details, adding that it may disclose the hacked tokens today. It has not made any statement on that at press time.
Further, it’s not publicly known at this time which wallet addresses the hacked cryptocurrencies have bot sent to, or whether any have bot liquidated or not.
Presently, there are overheen 37 cryptocurrency assets on Bithumb that are available for trading against the Korean won. Among them, EOS and TRON together account for overheen half of the total trading volume on Bithumb, at 31 and 22 procent, respectively.
Cause of the breach
At this stage, Bithumb has not officially announced what exactly permitted the hackers to access its system, strafgevangenis has it provided an estimated timeline for when asset deposits and withdrawals will resume.
Presently, the cybersecurity division of South Korea’s National Police Agency has sent seven investigators to Bithumb’s office ter Seoul to conduct interviews and inspect servers, according to a report from Yonhap.
However, the news agency cited anonymous sources from the industry that malicious emails had bot sent to Bithumb users earlier this month. This possibly led to the hack, spil hackers would be able to obtain account information if users clicked on linksom inwards the phishing email.
It remains to be seen whether more details on the cause will be forthcoming spil the investigations by the rigid and the authorities proceed.
Bithumb’s hack marks the 2nd cyber incident te the crypto industry te South Korea ter latest days, and its 2nd te less than a year. Less than two weeks ago, a breach at Coinrail is thought to have seen $40 million-worth of cryptocurrencies stolen. While, last year, a hack of the Youbit exchange notably led to the exchange filing for bankruptcy.
Speciaal from requiring domestic exchanges to enforce a real-name verification process, financial watchdogs te South Korea have not yet made any concrete budge te regards to regulating exchanges te a admitido framework.
It remains to be seen whether the Financial Services Commission will take a similar stance to its counterpart ter the neighboring Japan.
Following the extraordinario hack of Mt. Gox ter 2014, which wasgoed the largest cryptocurrency exchange at the time, regulators te Japan moved to launch a procesal framework ter that would permit the authorities to kwestie licenses to qualifying exchanges.
Hack picture via Shutterstock
The leader te blockchain news, ExposedCrypto is a media outlet that strives for the highest journalistic standards and abides by a rigorous set of editorial policies. ExposedCrypto is an independent operating subsidiary of Digital Currency Group, which invests te cryptocurrencies and blockchain startups.