Counting coins three times were hacked: Is Li Xiao really true?

On May 8, Coin Security first publicly acknowledged the occurrence of bitcoin theft and lost 7000 BTC. Previously, the currency security was attacked by hackers in March and July 2018, and a security incident occurred. However, afterwards, the currency security denied that it was actually stolen. For the currency security, the stolen 7000BTC (about 41 million US dollars) is not fatal, only 52% of the first quarter profit of the currency security, more people are questioning the technical level of the currency security. In Li Xiaolai’s 50-minute recording, Li Xiaolai’s “satire” coinage founder CZ (Zhao Changpeng) did not understand the technology. The reason why Qian’an succeeded was that it was just luck, just in time to catch up with the opportunity. The underlying technology is actually very general. What is Li Xiao really talking about?

Coin Ann’s first public recognition of stolen coins

On the morning of May 8, an announcement broke the silence of the morning of the currency circle.

The cryptocurrency exchange currency issued an announcement saying that the currency security discovered a large-scale security breach at 17:15:24 on May 7, and the hacker stole 7,000 bitcoins from the coin security BTC hot wallet at block height 575012. .

At the same time, the currency security appease investors said that this part only accounts for 2% of the total amount of BTC, which only affects the BTC in the coin security wallet. Other wallets are safe.

This is the first publicly acknowledged theft since the establishment of the currency in 2017.

Despite the hacking incident in Qian’an in March 2018, the hacker did not steal any assets from the currency security. Instead, he made a huge panic to the market through a series of operations and profited from the empty orders.

In July 2018, Syscoin had an unusual transaction. The currency was again hacked and 7,000 bitcoins were transferred. He Yi, the co-founder of the currency security, denied this.

The stolen 7000 BTCs, at the current price of 5,860 US dollars, equivalent to 41 million US dollars, He said that the currency will use the SAFU fund to fully bear the full loss of this attack, and no users have any losses.

The outside world does not seem to lose confidence in the currency security. DGroup founder Zhao Dong released Weibo and said that he still believes and continues to support the currency security. Sun Yuchen, the founder of the wave field, said that he is willing to deposit the USDT worth 7000BTC into the currency to purchase BTC. BNB, TRX, BTT.

For the currency security, the loss of 41 million US dollars is not enough to be fatal. Zhao Changpeng publicly responded to Sun Yuchen on Twitter: No need for help, the currency security is not bankrupt.

According to cryptocurrency news media The Block, Coin Ann announced a profit of $78 million in the first quarter of 2019, a 66% increase from the previous quarter, and $4,100 is only 52% of the first quarter profit.

For the reasons of the theft, Beijing Chain Security Technology said that the stolen money was probably the result of the long-term APT penetration of the hacker's intranet, which was the result of long-term hacking.

The funds were stolen and stolen through the process of withdrawing money instead of the hot wallet private key. The single coin has reached 7000 bitcoin, but the coin-operated coin control system has not been effectively alerted. The API transaction key and the Google verification 2FA code are saved by the user and the currency security server, and the amount of the stolen is huge.

It is very likely that the intranet has been hacked by hackers for a long time, and not by single or bulk users being hacked by phishing viruses. The stolen 7,000 bitcoins are scattered among more than 40 hacker-controlled wallet addresses and have not been transferred.

After the theft incident, the founder of the currency, Zhao Changpeng, said in a live broadcast on Twitter that the hacker had previously discovered system security vulnerabilities, but he had been very patient until the system had a large transaction to start stealing money.

The community proposed that part of the stolen amount could be recovered through block reorganization/transaction rollback, but the program is still under discussion and has not yet decided whether it will do so. Zhao Changpeng said that the rollback has a negative impact on the credibility of the BTC network.

There have been repeated hacking attacks, and the outside world has been questioning the technical strength of the currency security.

In the 50-minute recording of Li Xiaolai, Li Xiaolai named "satire" coin founder CZ (Zhao Changpeng) did not understand the technology, the reason why the currency can succeed is only relying on luck, just to catch up with the opportunity, the underlying technology is actually very general.

After the incident, the currency security will also undergo a one-week thorough security review.

In March 2018, the hacker Jin Yu shelled

At 1:40 am on March 7, 2018 Beijing time, the currency was hacked and attacked.

Some users released Twitter saying that the currency security was hacked, and the various cryptocurrencies in their accounts were suddenly sold, and the instant transactions became BTC or VIA.

Immediately, some media reported that this was an organized and premeditated hacking operation. Some API robots were attacked by hackers. The hackers used the stolen account to buy VIA at a high price, causing VIA to be exploded, up 110 times.

Coin Ann immediately announced the suspension of withdrawals of all currencies, but the hackers did not choose to withdraw cash, but on the currency to raise the value of VIA, triggering a chain reaction of other exchange currency prices, hackers then sell VIA from other exchanges, And profit from BTC shorts.

For the stolen money, the official official denied: "No stolen, API cash withdrawal to confirm the mail, just sold, and now the situation has stopped, the currency can not be taken, in the confirmation of why these users have problems ""

The damaged user wants to roll back the transaction, but the currency indicates that the transaction cannot be rolled back because the counterparty is not a hacker account, and the loss will be borne by the user.

In response to this incident, Li Xiaolai said in a WeChat group that he suspected that the hacker only used the loophole of the currency security to carry out the operation of pulling the VIA, driving other exchanges to follow the disk, even if it could not withdraw the currency from the currency, it could be in other The exchange is profitable by doing more VIA or shorting the BTC, and the customers of the currency will eventually be “harvested” remotely by buying the VIA at a high price.

The hacking incident also triggered a chain reaction. CoinMarketCap.com data showed that in the early morning of March 8, 2018, the top ten digital currencies plummeted across the board, with bitcoin falling more than 10%.

At 9:00 am on March 8, Coin Ann announced in the official website that the withdrawal has been resumed, and said that this is a large-scale phishing acquisition of user accounts and "attempts" to steal money.

After that, the Currency Exchange issued the "Civil Security Hacker Wanted Order". The Wanted Order stated that if a user could bring a hacker who attempted to attack the currency on March 7, 2018, the money would be worth $250,000 worth of BNB.

In addition, the currency security decided to use the digital currency of the equivalent of 10 million US dollars as a future reward bounty, to resist any illegal hacking attacks on the currency security.

However, hackers are still at large.

Suspected stolen 7000 bitcoins in July 2018

At 4 o'clock on the morning of July 4, 2018, the company announced that it had carried out temporary maintenance. Previously, there was an abnormal transaction in which 96 BTCs were purchased with a SYS on the platform.

At the same time, according to the monitoring information of big data analysis expert Chaindigg, around 5 am on July 4, the money security exchange showed a large amount of cash withdrawal, the address accumulated over 2,000 BTC within 2 hours, and the coin transfer mode was the normal transfer mode.

There is news on Twitter that hackers have exploited 51% of attacks and sys vulnerabilities to implement attacks, and then use the API to buy sys and sell at a high price, thus transferring 7000 BTC from the currency.

The announcement of the currency security announcement indicated that in the early morning of the 4th, some API users had abnormal trading behavior in the SYS transaction and triggered the currency security control system. The currency security suspended the transaction and cash withdrawal. It was verified that this incident was a phishing incident for some API users.

This hacking operation is similar to the last one. First, the hacker masters the API of a large number of currency security accounts, then uses his own account to hang a sales order, sells one Syscoin, and the price is set to 96 BTC. Finally, the attacker uses the API to Buy your own hanging sales order and the transaction is complete.

In response to this situation, the currency security sacrifices a big kill trick – roll back.

For transactions that involve passive transactions involving abnormal transactions, the transaction is rolled back. For users who are actively involved in the transaction, the user will be exempted from the fee from July 5th to 14th, and all users of the platform will be paid from July 5th to 14th. 70% of the transaction fee, and converted to BNB according to the 14th closing price.

The biggest impact of this incident is that the currency security has established the currency security investor protection fund. From July 14th, 10% of the transaction fee will be used as the investor protection fund.

For the rumor of the stolen 7,000 bitcoins, He Yi, the co-founder of the currency security company, denied the stolen money, saying that this was just an internal transfer of the platform.

Wen Hao is not bright

This article is the original deep chain Deepchain ( ID: deepchainvip) . Unauthorized reproduction is prohibited.