Septu summary: A hot wallet hack at British crypto exchange EXMO UK has apparently resulted in ~$10M of #cryptocurrency being stolen. They released this incident report. This type of attack is very interesting for cybercriminals, for obvious reasons – see this on crypto exchange security.
U.K.-registered cryptocurrency exchange EXMO Exchange Ltd. has been hacked and the equivalent of about $10 million in customer cryptocurrency was stolen.
The hack on the exchange, which is popular in Russia, Ukraine and Kazakhstan, was detected Monday and primarily involved the theft of bitcoin, but also XRP, Zcash, USDT, Ethereum Classic and Ethereum, from customer hot wallets, those that are readily accessible.
An investigation by EXMO is still underway but the company has been transparent in providing updates and details to customers. In an update early Dec. 23 U.K. time, EXMO wrote Monday that the amount stolen due to the hack makes up about 6% of the company’s total assets.
“The company’s policy is to store around 5-10% of all its assets on hot wallets to enable fast withdrawals for users and limit potential losses from the hacks,” EXMO wrote. “At the moment of the hack, there was approximately 5-10% of BTC on a withdrawal wallet according to the internal rules.”
To secure funds from further theft, all client deposits and withdrawals have been suspended. EXMO has also managed to trace much of the stolen funds, and most of the bitcoin stolen was transferred to a single address. The transactions on the wallet show it receiving a total of just over 306 bitcoin worth approximately $7.24 million, with subsequent withdrawals of just under 15 bitcoin ($355,000) as of 9:49 p.m. EST today.
EXMO noted that some of the stolen funds in XRP and Ethereum were transferred to the Poloniex exchange and that Poloniex had been contacted to block the associated account.
Police and the U.K. National Cybersecurity Center have been contacted and EXMO is working with CipherTrace, Chainalysis and Crystal to mark the hacker’s addresses, where the funds were sent, as “criminal” and “high risk” in an attempt to make sure the stolen cryptocurrency will not get into the hands of innocent users.
To prevent further attacks, the company said, it’s planning to set up a third-party custody provider for hot wallets, decrease the level of cryptocurrency it keeps in hot wallets to 4% to 7%, and expand and strengthen its security department.
The attack comes as bitcoin has continued to trade at record or near-record highs. After breaking the $24,000 mark over the weekend, the price of bitcoin has dropped slightly but continues to trade in a range of between $22,000 and $24,000, higher than bitcoin had ever traded as recently as a week ago. Bitcoin was trading at $23,622.88 as of 10 p.m. EST.
From: silicon angle