One of South Korea’s biggest exchange, Bithumb, had about 3 million EOS stolen from their hot wallet, which is now confirmed, and it is rumored another 20 million XRP was stolen.
Bithumb said deposits and withdrawals have been temporarily suspended after cryptocurrency which belongs to the company was stolen. They do not specify which crypto or the amounts, with Bithumb stating:
“As a result of the internal inspection, it is judged that the incident is an ‘accident involving insiders.’
Based on the facts, we are conducting intensive investigations with KISA, Cyber Police Agency and security companies.”
EOS Block Producers have been asked to take action with the following screenshot now confirmed as authentic:
EOS Bithumb hack, March 2019.
A representative from EOS said “we’ve been working with exchange for over the last 15 hours,” with it unclear whether they can reverse these transactions.
The hack occurred yesterday on the 29th of March with Bithumb’s EOS account drained. The funds were then sent to Huobi, HitBTC, WB, EXmo and other exchanges.
CoinSwitch: 38,725$EOS DUMP 👀👀👀
— Dovey Wan 🦖 (@DoveyWan) March 30, 2019
The “hackers” therefore may have sold these stolen funds to others on exchanges, making any reversal of transactions even for the relatively centralized EOS potentially a difficult endeavor.
Rather than an actual hack, it appears this was a theft from previous or current employees.
Bithumb recently laid off about half of its staff as the exchange may have expanded too quickly, with their staff reduced from 310 to around 150.
That’s quite a lot of people, so it appears one of them has just taken the private key, with Bithumb stating “we only focused on defense of outside attack and lack of verification of internal staff.”
Bithumb was hacked out of $30 million last year with mainly XRP stolen. Making this the second hack in just a few months as millions are now stolen again.