Coinrail, a South Korean cryptocurrency exchange platform has lost more than $50 million in the cyberattack. On Sunday, company reported that it had suffered a cyber attack, leading to the loss of 30 percent of all of the cryptocurrency tokens – or coins – that platform was storing.
해킹공격시도로 인한 시스템 점검중입니다. 일부코인(펀디엑스,NPXS)이 확인되었으며 추가적인 코인피해가 있는지 여부를 확인중입니다. 추후 자세한 사항은 재공지하겠습니다 / There has been an cyber intrusion in our system. We're confirming it and some coins(Pundi X, NPXS) are confirmed.
— coinrail (@Coinrail_Korea) June 10, 2018
Coinrail confirmed this cyber attack via its website and Twitter account. Due to this attack, the price of bitcoin decreased by 10% on Sunday to two-month lows. According to its website, 70% of client’s coin rail total coin / token reserves have been confirmed to be safely stored and moved to a cold wallet and are in storage.
The exchange further said that
“About 80% of coins that have been confirmed to be leaked have been frozen / withdrawn / redeemed or equivalent, in consultation with their co-workers and related exchanges, while the remainder are under investigation with investigators, related exchanges and coin developers.”
Coinrail has also mentioned some of the names of the tokens that were stolen in this cyber attack. These included the NPXS token from the Pundi X project, ATC from Aston and the NPER project’s NPER token. Company didn’t disclose the exact amount at stake. As indicated by a blog post distributed by Pundi X on Sunday said that the hacker may have stolen 1,927 ether, 2.6 billion NPXS, 93 million ATX and 831 million DENT coins, and in addition huge measures of six different tokens.
While the platform still hasn’t calculated or disclosed the exact amount, one industry watcher has said that stolen funds are about $50 million.
— corinipeatry (@peatrykim) June 10, 2018
Company further said that
“The exact damage of the leaked coin / token is currently being confirmed, which may require some time to be taken with the coin. Also, please understand that all related matters are difficult to share all progress to exclude all possibilities that may interfere with the investigation due to investigation by police agencies”
Meanwhile, chief research officer of Finnish security firm F-Secure Mikko Hypponen on Twitter said that “Cryptocurrency exchanges are ideal targets for hackers. Small companies with a lot of money. Run by startups, with small security teams and no experience. And if you get in, the loot is already anonymized and untrackable”
We see this regularily. Attackers are moving on from traditional financial targets; from hacking online banks and online stores to hacking crypto exchanges and token wallets. This makes a lot of sense from the attacker’s point of view. https://t.co/PbVXbTTl3e
— Mikko Hypponen (@mikko) May 29, 2018