The recent Upbit hack is yet another reminder for storing coins on a cryptocurrency exchange. Let’s take a look at seven major cryptocurrency exchange hacks in 2019, with the increasing severity. Lesson learned? If you do not hold the key, the coin does not belong to you!
1. BiTrue – $ 4.2 million
Singapore’s BiTrue exchange lost $ 4.2 million in user funds in June. Hackers took the initiative to target the two XRP and ADA, taking advantage of the vulnerability in the exchange’s internal evaluation process to infiltrate. Hackers then transferred 9.3 million XRP and 2.5 million ADA obtained to various exchanges. BiTrue said it has partnered with other exchanges to freeze the cash flow and promised full compensation to users.
Official Statement Regarding The Hacking of Bitrue On June 27 2019
— Bitrue (@BitrueOfficial) June 27, 2019
2. DragonEx – $ 7 million
Singapore-based DragonEx reported losing “an undisclosed amount” of user funds in the hack on March 24, but it was rumored to be about $ 7 million. DragonEx does not commit to refunding users the same as the solution of other hacked platforms. Instead, the exchange confirmed to build a “contingency compensation plan” with Tether (USDT) or Dragon token.
3. Bithumb – $ 13 million
South Korea’s Bithumb was the next name hacked in March, stealing $ 13 million in EOS and $ 6.2 million in XRP. This happened less than six months after the $ 31 million concussion hack also on the exchange at the end of 2018. Bithumb suspected the hacker might be an employee of the exchange itself when he noted “an unintentional withdrawal” usually from one of the exchange wallets. Bithumb also claimed that no user was damaged in the hack.
Bithumb hacked for $30M but covering all losses. Our industry is getting better and stronger ? https://t.co/P2HOaFYpWS
— Charlie Shrem (@CharlieShrem) June 20, 2018
4. Cryptopia – $ 16 million
New Zealand’s Cryptopia exchange unexpectedly stopped working on January 15 after announcing the discovery of a “security bug” resulting in a “serious loss” The exchange was closed for the remainder of January and for the whole of February. The representative said he could not comment further and invited the police to investigate the hack’s estimated damage to 16 million dollars.
It is still not clear what method hackers used to invade. Cryptopia did everything it could to salvage the situation, even reopening trading operations in March. However, this effort was seen as a “scandal,” when Cryptopia announced the liquidation of its assets in May, after. That ten days, the official filed for bankruptcy.
5. Bitpoint – $ 28 million
In July, Japan’s Bitpoint exchange lost $ 28 million in a hack that affected 50,000 users. It’s still unclear how hackers infiltrated the exchange, but that was enough to make the exchange stop trading for a month. As with other platforms, Bitpoint is committed to compensating affected users. Cryptocurrency trading operations were resumed normally in August.
6. Binance – $ 40.7 million
Then, in May, Binance was robbed of 7,000 BTC, worth about $ 40.7 million at the time. The reason behind the hack is because the cryptocurrency exchange with the largest trading volume in the world has encountered a bug in a hot wallet. Binance stated that only 2% of the exchange’s price was in a hot wallet at the time of the attack.
Hackers then quickly dispersed the BTC collected by tearing them down into a network of wallets. In response, Binance froze the coin withdrawal operation for a week to enhance security. The exchange finally reopened the entire service on May 15, while committing to a full refund for users.
Withdrawals are open for most tokens, the balance will be open shortly.
A new requirement to be logged in while confirming the withdrawal mail was added. It caused a small conflict while using the app so it will be rolled back shortly.
— CZ Binance (@cz_binance) May 15, 2019
7. UpBit – $ 49 million
As AZCoin News reported two days ago, the largest cryptocurrency exchange of South Korea Upbit, on November 27, became the latest victim of hackers in 2019. In just a few minutes, 342,000 ETH – worth more than $ 49 million – on the exchange did not fly. According to the announcement of the exchange, the money hacked is not user funds and freezes all functions for at least two weeks.
PlusToken Scam and QuadrigaCX cost $ 4.4 billion in 2019
According to a report by CipherTrace, the damage caused by thefts and scams in the first three quarters of 2019 has reached a whopping 4.4 billion USD – a significant increase compared to figure of 1.7 billion USD in 2018.
Two major events are the PlusToken scam ($ 2.9 billion) and the scandal of QuadrigaCX ($ 195 million), which accounts for the majority of the money lost.
Considering the reason for the rapid increase in damage from hacks, CipherTrace said that many exchanges and platforms are not applying the appropriate KYC standard measures. Of the 120 exchanges surveyed, only 35% were considered to have strong KYC measures, 41% were considered to have many KYC bugs and 24% were weak in KYC work.
As 2019 is coming to an end, the hacks show that there are still many shortcomings in the security of cryptocurrency wallets of exchanges, both large and small. What awaits the cryptocurrency field in 2020? Hopefully, we will have less to hear about the huge amount of damage that comes from exchange hacks.
Read more:
- Losing 342,000 ETH – Upbit Became The Latest Hacking Victim In Crypto Industry 2019
- Hackers Are Distributing ETH Stolen From UpBit To Different Wallet Addresses