Who is Hacking Crypto Exchanges?

Blockchain technology is inherently very secure with unique built-in security features but it is not “unhackable” as history has shown. At the end of July, the United Nations released a report accusing North Korea of using “widespread and increasingly sophisticated” hacks to collect roughly $2 billion in cryptocurrency and fiat currency. Writing for Coindesk recently, Daniel Palmer reports that North Korea has denied the U.N. report and is accusing the U.S. and “other hostile forces” of “spreading ill-hearted rumors.” Palmer says “The notorious hacking group Lazarus has been claimed to be working for the state and linked to major crypto exchange breaches as well as attacks in the banking world.”

Prior to the release of the U.N. report, in a February 2019 article for MIT Technology Review, Mike Orcutt wrote that “In total, hackers have stolen nearly $2 billion worth of cryptocurrency since the beginning of 2017, mostly from exchanges, and that’s just what has been revealed publicly.” Orcutt says these are not just opportunistic lone attackers.

Cryptocurrency is decentralized, and blockchain technology means that the “ledger” of crypto transactions is distributed around the world on millions of computers. There is no central point to hack into and the blockchain itself is very safe and secure. But with an exchange, which functions like a bank, hackers have a weak point they can exploit to break in and steal user information, money and cryptocurrency.

The Wall Street Journal explained the vulnerability of crypto exchanges like this, “Unlike stock exchanges, which facilitate trading but don’t actually hold securities on behalf of investors, many cryptocurrency exchanges charge fees for trading and store currencies for their customers. Analysts say that makes cryptocurrency exchanges like sitting ducks. Thieves that manage to break in can do something akin to robbing a bank—getting hold of valuable cryptocurrencies that they can cash out of.”

Insider Hacks

Sometimes the hacks are the work of insiders. In March 2019, Bithumb, the largest cryptocurrency exchange in South Korea was hacked. It appears that more than 3 million EOS and 20 million XRP (Ripple) were stolen. The Block reported, “The insider hack of Bithumb comes less than one year after another hack of the exchange in June 2018. In that incident, hackers stole $31 million from the exchange’s hot wallets. Bithumb was eventually able to recover some funds, but hackers still got away with $17 million. In March, Bithumb announced that it plans to cut its 310-member staff by up to 50%.”

Another South Korean exchange, Coinbin, was forced into bankruptcy in February of this year following a loss of $26 million which is blamed on an embezzling insider. This same executive was the former CEO of Youbit which also declared bankruptcy following a hack of $15 million.

China Catches Hackers Who Stole $87 Million in Cryptocurrency

South China Post reported last year that China arrested three men on suspicion of stealing about 600 million yuan (US $87 million) in virtual currency. Apparently the suspects have “studied hacking technology since they were aged around 12 and 13 and had gone on to work at top internet firms.”

The Largest Bitcoin Hack

In 2010 Bitcoin was only worth pennies per coin, but as far as number of Bitcoins hacked, the “Value Overflow Incident” resulted in more than 184 billion Bitcoin being generated out of thin air. The hacker, still unidentified, took advantage of a weakness in the code for checking Bitcoin transactions. Satoshi Nakomoto, the anonymous creator of Bitcoin, generated a code fix within hours of the incident, quickly rectifying the hack, creating Bitcoin version 0.3.1 which is the blockchain still being used today.

Mt. Gox was one of the most popular cryptocurrency exchanges in 2013 when it lost 850,000 Bitcoin, which is a record amount of Bitcoin stolen. It appears that the hacker(s) may have been insiders who were able to drain wallets of funds while making the system interpret these transactions as deposits. The Mt. Gox hack still stands as the biggest Bitcoin hack of all time, as far as dollar value is concerned.

Hackers Net $40 Million in Bitcoin from Binance

Binance, based in Taiwan, is one of the largest cryptocurrency exchanges in the world. This past May, hackers withdrew about 7,000 Bitcoin in a single transaction. At the time of the hack, that would have been worth about $40 million USD. Vox reported that “hackers obtained user API keys, two-factor authentication codes, and other information to execute their plan and withdraw 7,000 bitcoin in a single transaction.”

The Largest Crypto (non-Bitcoin) Hack

The largest hack in cryptocurrency history happened last year to the Japanese exchange Coincheck. Coincheck President Toshihiko Katsuya was interviewed by LongHash recently. “Coincheck, with over $500 million stolen, was the biggest hack since Mt. Gox (in 2014),” Katsuya said. “We still don’t know who the hackers were. I think people were astonished by the amount.” The stolen cryptocurrency was the somewhat obscure NEM (New Economy Movement) altcoins. At the time, Coincheck did not have a license, but was operating on provisional basis. Since then new requirements for security, anti-money laundering and countering financing for terrorists have been put in place for crypto exchanges in Japan. After proving compliance with the new regulations, Coincheck’s formal registration was granted in January 2019. The Coincheck hack had a chilling effect on the Japanese crypto market but it is finally starting to come back.

Buy and Sell Bitcoin Securely Without an Exchange

Coinsource customers buy and sell bitcoin directly and securely through Coinsource and not a third party crypto exchange. And Coinsource immediately deposits all bitcoin transactions into their customers’ wallets. Their secure peer-to-peer network means that funds don’t sit on an exchange which, as we’ve seen, is hackable. Create a Coinsource profile today and begin buying and selling Bitcoin securely, quickly, and with cash.