Business 30 January 2019

Erik Gibbs

Is the Cryptopia hack still ongoing?

On January 15, New Zealand-based cryptocurrency exchange Cryptopia realized that it was under attack by hackers. It moved to thwart the theft of assets, but not until after approximately $3.65 million in Ether (ETH) and Centrality had been lifted off the platform. There has been mounting concern over a lack of follow up information related to the hack and it has now surfaced that the hackers may still be actively withdrawing funds from the exchange. 

A blog post from Elementus, a blockchain infrastructure company, from yesterday indicates that the exchange is still comprised. The company asserts, “In our investigation of the Cryptopia hack, posted last week, we highlighted that thousands of Cryptopia wallets may still be at risk. We were right.”

Elementus goes on to say that another 17,000 wallets on the exchange have lost around 1,675 ETH, currently worth approximately $180,000. It adds that these wallets include 1,948 “at-risk wallets” the company had previously identified, as well as 5,000 wallets that were targeted in the first wave of attacks. Elementus posits that these wallets had been topped off again by Cryptopia users who weren’t aware of the attacks

The latest hacks reportedly began at 6:59 AM local time and continued throughout the day, with the funds being moved to a particular ETH address. While there was an initial belief that the activity could have been led by Cryptopia in order to secure funds, Elementus adds that by evening, “it became obvious this was the same hacker. At that time, the incoming transfers stopped and the funds were moved into [another address], one of the wallets used in the prior series of breaches.”

It would appear that Cryptopia is no longer in control of the exchange. Elementus adds that it seems the hacker, or hackers, has access to a large number of private keys and is able to transfer funds out of the wallets at any time. 

While it seems odd that money would still be deposited to the wallets despite extensive media coverage of the hacks, Elementus offers an explanation. It states, “Most of the funds are coming from mining pools. Presumably, these payments are being sent on behalf of miners who opted to receive their rewards automatically via ‘direct deposit,’ and have since forgotten about it.”

Now would be a good time to remember.

Note: Tokens on the Bitcoin Core (SegWit) chain are referenced as BTC coins; tokens on the Bitcoin Cash ABC chain are referenced as BCH, BCH-ABC or BAB coins.

Bitcoin Satoshi Vision (BSV) is today the only Bitcoin project that follows the original Satoshi Nakamoto whitepaper, and that follows the original Satoshi protocol and design. BSV is the only public blockchain that maintains the original vision for Bitcoin and will massively scale to become the world’s new money and enterprise blockchain.

COMMENT

latest news

‘Irresponsible tweets’ land John McAfee in hot water with Skycoin

Business 22 March 2019

‘Irresponsible tweets’ land John McAfee in hot water with Skycoin

Skycoin has responded on Twitter that it John McAfee’s comments about “whale f--king” that actually led to the project being forced to sever ties with the cryptocurrency influencer.

Read More
Watch out: Fake Wasabi crypto wallet out to steal your crypto

Business 22 March 2019

Watch out: Fake Wasabi crypto wallet out to steal your crypto

The scam wallet is an uncanny clone of the real Wasabi wallet. It comes with a fake website and for those who are not keen, it's almost impossible to distinguish between it and the real one.

Read More
UPS partners with blockchain startup for B2B platform

Business 22 March 2019

UPS partners with blockchain startup for B2B platform

UPS, a global leader in logistics, announced a partnership with Inxeption that targets B2B merchants.

Read More