Was CoinBene’s ‘maintenance’ a hack cover-up?

Getting your Trinity Audio player ready...

Cryptocurrency exchange CoinBene recently announced that it would be taking a break for unannounced maintenance. The move has many in the crypto community believing that the exchange was, in fact, hacked and not that it needed any maintenance. This belief was compounded by the fact that a large number of users reported large amounts of crypto being transferred out of the company’s wallets at almost the same time as the shutdown occurred.

Users tried to find out the real story, taking to social media to solicit feedback from the company. CoinBene Global, the exchange’s official Twitter account, stated, “In order to enhance the user experience, CoinBene upgraded the platform wallet on March 26, 2019. During maintenance, it will affect related operations such as deposit and withdraw, trading will not be affected.”

The company explained further that all deposits and withdrawals would be processed automatically once the maintenance had been completed, adding that the “completion time of the maintenance will be notified separately.”

Not everyone bought the line. The chief information officer for blockchain company Diviproject, Nick Saponaro, pointed out in response to the tweet that a review of blockchain data shows that as much as $40 million in ERC-20 tokens had left the company’s wallets.

In response to Saponaro, another user asserted that Etherscan showed the funds were sent to a wallet that was marked as a cold wallet. The person behind that wallet had also labelled other wallets “marketing” and “team” and suggested that the move may have been nothing more than internal company transactions.

The hacking rumors gained traction after CoinBene apparently avoided responding to another tweet that directly asked if the exchange had been hacked, indicating that the large transfers and frozen movements were suspicious. Instead of addressing the concerns, CoinBene never responded.

The user provided a graph that showed 370 million Maximine Coins (XMX) had left CoinBene’s wallets. The transfers follow a recent 700% increase this month, with CoinBene controlling 99% of the coin’s trades. That in itself is suspect, as, according to the XMX Github repository, the most recent activity occurred in April 2018.

The possible hack occurred at the same time that the Singapore-based DragonEx exchange was hacked, requiring the platform to be shut down. The total amount of crypto stolen wasn’t provided, but the company acknowledged that it had lost Bitcoin Core (BTC), Ether (ETH), Ripple (XRP), Litecoin (LTC) and EOS.