This article was published on June 11, 2018

South Korean cryptocurrency exchange hacked for nearly $40M

Coinrail lost almost one-third of its cryptocurrency reserves to the hack


South Korean cryptocurrency exchange hacked for nearly $40M

Another day, another cryptocurrency heist. The latest to fall victim is the South Korean cryptocurrency exchange, Coinrail.

The company suffered a breach on Sunday, losing 30 percent of its cryptocurrency reserves. The exchange has not yet given an estimate of the loss, but local news outlet Yonhap News reports stolen funds amount to approximately $37.2 million.

Coinrail last traded over $2.48 million in 24 hours before the hack; making it one of the top 100 cryptocurrency exchanges in the world as per CoinMarketCap data. However, the exchange has since then halted its operations, and its website only displays a message about the said hacking.

Coinrail claims 70 percent of its cryptocurrency reserves are safe and have been transferred to cold wallets for security reasons; their transactions and withdrawals will resume as usual once the exchange service is stabilized.

The real problem lies with the remaining 30 percent affected by the breach. Coinrail says that its team might be able to recover 20 percent through collaboration with other cryptocurrency exchange desks, where the funds have been moved; for this though, the exchanges will have to either freeze or recall the funds. The company is still conducting an investigation with the remaining 10 percent.

Coinrail was mostly trading ERC20 tokens, according to CoinMarketCap. Pundi X (NXPS), which was the most traded asset on the platform, took the biggest hit, with more than two billion NPXS coins (approximately $19.5 million) stolen. For the record, this amounts to three percent of the entire NPXS token supply.

Pundi X stated on its blog that the decentralized cryptocurrency exchange IDEX (where the stolen funds had been moved) agreed to urgently freeze the trading of NPXS coins on its platform, and all the stolen coins remain traceable for now.

The company also shared the Etherscan URL of the wallet from where the stolen funds seem to have been moved to IDEX.

The wallet named “Fake_Phishing1432” received the coins from another wallet named “Fake_Phishing1431” before moving the coins to IDEX.

The Etherscan of Fake_Phishing1431 reveals that the hackers were also able to make away with $13.8 million worth of Aston X (ATX) tokens, $5.8 million worth of Dent (DENT) tokens, and $1.1 million of Tron (TRX). It appears the thieves were also able to snatch some other coins, including NPER (NPER), Kyber Network (KNC), Jibrel Network (JNT), Storm (STORM), and B2BX (B2B).

Coins other than Pundi X seem to have been transferred to a wallet at another decentralized cryptocurrency exchange, Etherdelta.

As per a report from local daily Korea Herald, the Korea Internet & Security Agency (KISA) has already begun investigating the case. A KISA spokesperson told Korea Herald that it may take up to a month for them to accurately study the cyber attack.

It is worth noting that the Coinrail hack is not a secluded incident. Popular cryptocurrency exchange, Bitfinex — infamous for its $68 million hack in 2016 — suffered a domain denial of service (DDoS) attack last week.

Indian cryptocurrency exchange Coinsecure suffered a cyber attack in April this year losing $3.5 million, which forced it to close operations in a similar fashion. Japan’s Coincheck also suffered a cyber attack in January roughly losing $420 million.

Indeed, research suggests the total amount of stolen cryptocurrency in 2018 alone has already crossed the the $1.1 billion mark.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with