On Wednesday, harshly 35 billion Korean won (around $31 million) te cryptocurrency wasgoed stolen by hackers from the South Korea-based exchange Bithumb.
Albeit the breach may not be spil severe spil the $530 million hack of the Coincheck exchange earlier this year, the fact that Bithumb now ranks spil the sixth largest trading venue te the world still marks it spil a trascendental, and worrying, incident.
While more details about the heist have surfaced te the hours following the event’s confirmation, providing a peek into Bithumb’s internal operations, some significant questions about the hack still remain unanswered.
Here’s what wij know about the hack so far, and some details wij still don’t.
What wij know
While Bithumb has not yet disclosed utter details of the stolen coins, news emerged following the hack that XRP, the native token of the XRP ledger and the world’s third-largest cryptocurrency, has bot targeted, according to a report from CoinDesk Korea.
Based on gegevens from CoinMarketCap, Bithumb accounted for Ten procent of the completo trading volume of XRP overheen the last 24 hours, with a total of $32 million-worth switching forearms.
Bithumb has so far not responded to CoinDesk’s request for comment.
IT improvement failed
While Bithumb officially confirmed the breach early Wednesday morning restringido time, it emerges that security issues were already drawing attention from the exchange at least several days ago.
According to a follow-up report from CoinDesk Korea, Bithumb conducted a security enhancement checkup on June 16, just days before the confirmed hack.
The exchange explained at the time:
“Recently, the number of unauthorized access attempts has enhanced. Spil such, an urgent server checkup wasgoed conducted to strengthen the security of all system.”
At the same time, Bithumb also began moving users’ assets to a cold wallet to store cryptocurrencies ter a more secure offline environment.
The CoinDesk Korea report indicated that the hack comes at a time when Bithumb is spending Ten billion won, or around $9 million dollars annually on security measures. Another report from Yonhap further suggests that Bithumb beefed up its security measures by implementing so-called “5.Five.7 regulations” last month.
Under this requirement, at least Five procent of a financial institution’s staff should be IT specialists. Among those, Five procent should concentrate on information security, while at least 7 procent of the hard’s total budget should be on information security.
The report from Yonhap stated that 21 procent of Bithumb’s employees are technology specialists spil of May, and Ten procent of those are responsible for information security. Further, about eight procent of the annual spending budget is used for gegevens protection activities.
Albeit Bithumb shows up to have fulfilled the Five.Five.7 requirements, the report said the fact that it has 300 employees means it may not be able to cope with the enlargening amount of trading volume and user numbers on its toneel.
Government weighs ter
An hour before Bithumb confirmed the hack on its webstek and official Twitter account, the exchange reported the case to the Korea Internet & Security Agency (KISA), a government organization that supervises internet and cybersecurity issues ter the country.
An official from KISA said a dedicated analysis team is presently te the process of investigation the hack. Spil of press time, the agency has not yet disclosed any details from its investigation so far.
Bithumb to refund users
Instantaneously after announcing the hack, Bithumb confirmed it will pay back victims using its own reserves.
Industry experts zometeen weighed te, including bitcoin pioneer Charlie Shrem, who praised the budge despite the unwelcome incident.
“Bithumb hacked for $30 million but covering all losses. Out industry is getting better and stronger,” he tweeted.
Ter addition, litecoin creator Charlie Lee also commented that he believes the clever stir is to “keep on exchange coins that you are actively trading. It’s best to withdraw right after trading.”
This is not the very very first time that Bithumb wasgoed reportedly hacked. Spil previously reported by CoinDesk, the toneel wasgoed compromised last year with spil many spil 30,000 users impacted.
At that time, Bithumb straks announced that it would repay each victim with 100,000 Korean won each, an amount worth about $85.
Bitcoin price dips by $200
According to gegevens from CoinDesk, the price of bitcoin dropped by almost $200 to a daily low so far of $6,561 an hour after Bithumb primarily published the statement. Spil of press time, the price had bounced back to $6,640.
Ter addition, spil Bithumb has so far only suspended asset deposits and withdrawals, trading activity on the exchange actually shows up to be enhancing since the news broke. Based on gegevens from CoinMarketCap, 24-hour trading volume wasgoed primarily seen at around $350 million at the time of the news and straks climbed to $380 million around noon circuito time on Wednesday.
Spil of press time, Bithumb still remains the sixth largest verhoging globally.
What wij don’t know
Extent of the breach
It emerges that XRP is one of the assets stolen ter the hack, yet it’s still unclear at the uur if other assets have bot taken and te what quantities. Ter addition, it’s also not clear the number of users on Bithumb that have bot impacted.
Ter its announcement, Bithumb refrained disclosing thesis details, adding that it may disclose the hacked tokens today. It has not made any statement on that at press time.
Further, it’s not publicly known at this time which wallet addresses the hacked cryptocurrencies have bot sent to, or whether any have bot liquidated or not.
Presently, there are overheen 37 cryptocurrency assets on Bithumb that are available for trading against the Korean won. Among them, EOS and TRON together account for overheen half of the total trading volume on Bithumb, at 31 and 22 procent, respectively.
Cause of the breach
At this stage, Bithumb has not officially announced what exactly permitted the hackers to access its system, strafgevangenis has it provided an estimated timeline for when asset deposits and withdrawals will resume.
Presently, the cybersecurity division of South Korea’s National Police Agency has sent seven investigators to Bithumb’s office te Seoul to conduct interviews and inspect servers, according to a report from Yonhap.
However, the news agency cited anonymous sources from the industry that malicious emails had bot sent to Bithumb users earlier this month. This possibly led to the hack, spil hackers would be able to obtain account information if users clicked on linksom inwards the phishing email.
It remains to be seen whether more details on the cause will be forthcoming spil the investigations by the rock-hard and the authorities proceed.
Bithumb’s hack marks the 2nd cyber incident ter the crypto industry te South Korea ter latest days, and its 2nd te less than a year. Less than two weeks ago, a breach at Coinrail is thought to have seen $40 million-worth of cryptocurrencies stolen. While, last year, a hack of the Youbit exchange notably led to the exchange filing for bankruptcy.
Bovenmatig from requiring domestic exchanges to enforce a real-name verification process, financial watchdogs te South Korea have not yet made any concrete stir ter regards to regulating exchanges te a procesal framework.
It remains to be seen whether the Financial Services Commission will take a similar stance to its counterpart ter the neighboring Japan.
Following the sobresaliente hack of Mt. Gox ter 2014, which wasgoed the largest cryptocurrency exchange at the time, regulators te Japan moved to launch a procesal framework te that would permit the authorities to kwestie licenses to qualifying exchanges.