By
Temitope Olatunji
April 23rd, 2024
South Korean crypto exchange Bithumb was hacked last night for three million EOS ($13 million) and the exchange believes it was compromised by its own employees.
It has also been reported that up to a further 20 million XRP ($6 million) may have been stolen. The last time Bithumb was attacked, it lost approximately $30 million ($14 million of which was later recovered) and was mandated to shutter its deposit and withdrawal services for months.
We already wrote of how Bithumb had become a victim of a hack and had to suspend deposits and withdrawals and immediately started transferring all of its assets to cold wallets with a view to prevent further losses.
According to Primitive Ventures’ Dovey Wan, who cites data from local blockchain analytics teams, cybersecurity firms, and other sources, Bithumb’s EOS wallet was hacked on Friday, resulting in three million EOS tokens being spirited away. This sum of crypto, for those who are wondering, is currently valued at $12.5 million as of the time of writing.
BREAKING 🚨🚨🚨
Bithumb is being hacked, at its EOS cold storage level!!! Over 3million EOS has been transferred out 👀👀👀
Detail to be reported, confirmed by security firm who’s auditing for Bithumb
— Dovey "Rug The Fiat" Wan (@DoveyWan) March 30, 2019
It appears that the private key was stolen through Bithumb’s EOS account g4ydomrxhege, while the hacker’s address is ifguz3chmamg.
Wan then tweeted the stolen funds flow in more details, while also confirming that the aforementioned hacker’s address still holds 1.9 million of EOS.
With more updates numbers on stolen fund distribution (number of $EOS) and the hacker’s address still holds 1.9Million $EOS
EXMO: 662,600
Huobi: 263,605
Changelly 143,511
KuCoin: 96,270
CoinSwitch: 38,725$EOS DUMP 👀👀👀— Dovey "Rug The Fiat" Wan (@DoveyWan) March 30, 2019
As more info came in, she revealed that Bithumb’s XRP wallet (rLaHMvsPnPbiNQSjAgY8Tf8953jxQo4vnu) was also hacked and saw 20 million XRP or around $6,000 being transferred out.
Wan revised her previous tweet by saying that “only” Bithumb’s hot wallet that was hacked as the cold wallet still seems OK. That said, the total stolen fund still amounts $19,158,000 based on the price as of writing time.
It also seems like it’s already too late for EOS to freeze the funds as the hacker can be seen of liquidating the stolen EOS through ChangeNow, a crypto swap platform that carries “selective KYC checks”, as the company claims.
The Incident Involved Insiders
Once the attack was discovered, Bithumb quickly shut down its deposits and withdrawals process. In a statement explaining why it did so, Bithumb judged the “incident involved insiders” who had access to the private keys of the account. It also said it had notified the Korea Internet and Security Agency and the Cyber Police Agency about the hack and was working to get the funds returned.
From a preliminary look at the wallet affected, it seems as though this was Bithumb’s hot wallet rather than its cold storage system, which was subject to immense scrutiny during the platform’s last security mishap.
The reason why analysts are suggesting this is a hack is due to the distribution of the three million EOS, which was sent to exchanges such as EXMO, Huobi, Changelly, KuCoin, and CoinSwitch. Interestingly, however, there remains 63% of the hacked funds in the attacker’s purported wallet.
Per CoinDesk Korea, who has seemingly confirmed the report, Rohan from EOSauthority seems to be sure that Bithumb’s private key pertaining to the aforementioned wallet was stolen. Bithumb has purportedly since contacted fellow trading platforms, authorities, and higher-ups in the EOS ecosystem, as it looks to mitigate the effects on the broader crypto industry.