Inventory: major thefts of crypto exchanges in 2019

Source: Changelly

Translation: First Class (First.VIP)

 

6 tactics, 7 thefts, and $500 million in losses. How are your assets?

Even the most secure cryptocurrency exchanges are not 100% immune to hackers, as the incidents below show. I took stock of the top seven cryptocurrency hacking incidents in 2019. They affected not only exchanges and users but also the entire cryptocurrency market.

In 2019, the losses caused by cryptocurrency hacking incidents exceeded 500 million U.S. dollars, which means that hackers have discovered more and more vulnerabilities, and no platform can resist all types of hacking attacks.

The crypto space is expected to change with the advent of new currencies. For example, it is said that the long-awaited Libra stablecoin will not present opportunities for hackers and fraudsters because it is more decentralized than a currency controlled by Facebook alone, but more centralized than other cryptocurrencies.

In addition, North Korea poses a serious threat to the cryptocurrency market. It conducts cyber attacks on blockchain technology. In the past few years, Pyongyang has accumulated about 2 billion US dollars of foreign currencies and virtual currencies. Of this amount, approximately $600 million came from attacking exchanges and users.

Cryptocurrencies are attractive targets for hackers because of their anonymity and liquidity: they can be sold easily without revealing the fraudster's personal information. Although blockchain technology offers some security, cryptocurrency hacker attacks are still widespread.

Common cryptocurrency hacking operations

Even if the blockchain algorithm is reliable and secure, hackers will still find other weaknesses and apply various cryptocurrency network attack models. Every part of the exchange's infrastructure can be a point of attack. All in all, code is always written by someone who might make a mistake. Here are some common hacks.

XSS

Almost all trading terminals are vulnerable to cross-site scripting (XSS) attacks. Using these vulnerabilities, attackers can inject malicious code into web resource pages, thereby directing traders to third-party web resources or infecting users' devices with malware. Such software may contain stealer viruses that get passwords from wallets or replace sender addresses on the clipboard.

Configuration Vulnerability

Some web terminals may lack the HTTP headers that improve security and prevent certain types of hacking. The Content-Security-Policy header can prevent attacks related to the introduction of malicious content (including XSS); the X-Frame-Options header prevents attacks such as clickjacking; Strict-Transport-Security uses Hypertext Transfer Protocol Secure (HTTPS) to achieve secure connections. A configuration vulnerability allows an attacker to modify the configuration parameters of any server.

Code vulnerability

Studies by Coverity, a company specializing in software quality and security testing solutions, show that there are 0.52 errors per 1,000 lines of code in open source products and 0.72 errors in proprietary products (the quality standard is fewer than 1 error per 1,000 lines of code). These errors can adversely affect the security of the platform.

Even if the exchange developer writes the code without an error, there is always the risk of vulnerabilities in third-party software. For example, traps set up through operating systems, payment gateways, or communication channels can be used to install phishing / malware on the devices of exchange employees.

Smart contract vulnerability

Attackers find vulnerabilities in a wallet's smart contract code that allow them to control the victim's funds. This can be a targeted attack on a specific wallet, or a batch attack on many wallets with the same vulnerability.

Phishing

Exploiting "human weaknesses" remains the most popular method of cracking accounts. An attacker masquerading as an exchange representative could gain access to an employee's computer (sometimes taking months to complete this task) and obtain a private key. With Google Play, hacking personal accounts has become easier.

SMS authentication

If an attacker knows someone is trading or acting as an administrator of a cryptocurrency exchange, they can intercept their SMS (SMS Verification Code) and use it for authentication or access recovery processes.

Seven crypto hacking events of 2019

(2019 hack event timeline, source: Twitter)

1. Bithumb

Founded: 2014

Hacked: March 29, 2019

Stolen amount: about $19 million

On March 29, 2019, the company's hot wallet recorded some unusual activity. In addition, insiders were suspected to be the cause of the attack. The incident only affected the exchange's hot wallet and Bithumb's own funds, while users' cryptocurrency in the cold wallet was secure.

According to unofficial data and user estimates, more than 3 million EOS coins (about 13 million U.S. dollars) and 20 million XRP coins (about 6 million U.S. dollars) were withdrawn from the exchange's hot wallet. The hackers spread the stolen funds across various exchanges, including Huobi, HitBTC, WB and EXMO. Reportedly, the exchange suffered the losses because the private key of the g4ydomrxhege account owned by Bithumb was stolen.

Interestingly, a week before the incident, Kaspersky Lab experts warned that the well-known North Korean hacker group Lazarus (aka Hidden Cobra and BlueNoroff) is still interested in Asian cryptocurrency trading. Back in 2018, previous Bithumb hacks were also related to Lazarus' activities.

2. Bitrue

Founded: 2018

Hacked: Late June 2019

Stolen amount: $5 million

In late June 2019, the Singapore trading company was attacked and was robbed of about $5 million. The attacker hijacked 90 client accounts. Bitrue immediately identified the attack, revoked the transaction records involved in the attack, and went to different trading platforms to freeze the corresponding XRP and ADA transactions.

3. Binance

Founded: 2017

Hacked: May 7, 2019

Stolen amount: $40.5 million

On May 7, one of Binance's hot wallets was hacked, and 7,000 Bitcoins were withdrawn from it in one transaction. According to information from other sources, the losses ranged from 7,074 to 7,159 Bitcoin. The exchange urgently suspended the deposit and withdrawal of funds and notified the user of the relevant event. Six hours after the incident, a statement and tweet confirmed the hacking, when the crypto community and everyone were discussing how strongly the platform and its authorization had been hit. The market reacted negatively. Of course, Binance's platform coin BNB fell immediately after the news broke.

4. Cryptopia

Founded: 2014

Hacked: mid-January 2019

Stolen amount: $16 million

In mid-January 2019, Cryptopia, a New Zealand-based exchange, announced that Ethereum (ETH) tokens valued at nearly $2.44 million and approximately 48 million Centrality (CENNZ) tokens valued at approximately $1.18 million had been transferred to an unknown wallet.

The attack on the Cryptopia exchange actually caused the company to go bankrupt. How the thieves were able to steal the cryptocurrencies is still unknown. Cryptopia's representative did not disclose the amount of the loss, but said that the loss accounted for 9.4% of the funds stored. According to calculations by analysis company Elementus, the loss of ETH and ERC-20 tokens is around $16 million.

In May, the company announced that it had to close the exchange, and its founder, Adam Clark, announced his intention to launch another cryptocurrency exchange. The entrepreneur's plan seems overly ambitious: the bankrupt Cryptopia owes more than $2.7 million to creditors.

5. BitPoint

Founded: 2014

Hacked: July 11, 2019

Stolen amount: $32 million

The management of Bitpoint, one of Japan's largest cryptocurrency exchanges, reported that a hack occurred on the night of July 11, 2019. At present, the platform is temporarily unavailable and deposits and withdrawals have been frozen.

The attack was discovered due to errors in XRP transactions. Twenty-seven minutes after discovering the first issue, Bitpoint administrators realized they had been hacked, and after three hours, they also identified other cryptocurrency assets that had been stolen.

The attack reportedly affected both the hot and cold wallets of the exchange, which meant that the exchange's infrastructure was completely compromised. A group of unidentified attackers stole 3.5 billion yen (about 32 million U.S. dollars) in Bitcoin, Bitcoin Cash, Litecoin, Ripple, and Ethereum. Of that amount, only 2.5 billion yen (about 23 million U.S. dollars) belonged to the customers of the exchange; the remaining funds belonged to the exchange itself as reserves and exchange profits.

6. Upbit

Founded: 2017

Hacked: November 27, 2019

Stolen amount: $48.5 million

South Korean cryptocurrency exchange Upbit has reported a hack. An unidentified attacker stole 342,000 Ethereum from the exchange's hot wallet, which is about $48.5 million at the exchange rate at the time of the attack. The funds were transferred to an unknown wallet.

Starting on November 27, 2019, Upbit temporarily stopped working and banned deposits and withdrawals. So far, all assets of the exchange have been transferred to "cold wallets". According to the developer's official statement, the platform should resume operation within approximately two weeks. In addition, the exchange's representatives promised that they would fully compensate users for all the damage they suffered, although how the compensation will be made has not been reported.

The biggest theft in history

Coincheck

Founded: 2012

Hacked: January 2018

Stolen amount: $534 million

Although this hack happened in 2018, it is a good example of what happens when security is ignored. Last January, Coincheck became notorious for a record-breaking cryptocurrency hack in which $534 million in assets was stolen from users' wallets.

According to the Japanese media portal Asahi Shimbun, researchers questioned claims of hacking from North Korea. Coincheck's hack was linked to the actions of an "unknown hacker group" who infected the computers of exchange employees with Mokes and Netwire viruses and sent installation files via email.

"Analysis of the virus showed that the criminal gang's servers could connect to Eastern Europe and Russia," experts said. They point out that Russian hackers may be the culprits in spreading these viruses.

Both viruses allow attackers to take control of an infected computer and manage it remotely. According to Cointelegraph, Mokes first appeared on a Russian forum in June 2011, but experts have known the Netwire virus for 12 years.

How to protect your crypto assets

Although exchange hacks are outside the control of ordinary users, there are many things you can do to protect the bitcoin at hand and reduce your risk of being affected by an exchange hack.

  • Use cold storage to save large amounts of cryptocurrencies (desktop wallets, hardware wallets);
  • Set up two-factor authentication;
  • Encrypt your own crypto wallet;
  • Store private keys out of reach of exchanges, preferably offline;
  • Use more reliable exchanges and wallets when possible.

The struggle between cryptocurrency exchanges and hackers is endless: the former strengthen security, while the latter find new loopholes. No one can guarantee that your funds will be completely secure when stored online. Cryptocurrency hackers are always looking for new opportunities to steal your money. Don't let them do it. By using the precautions described above, you can reduce risk and ensure that your crypto assets are relatively secure and reliable.
