Cyber Attacks Reading Time: 3 minutes

If you trade in cryptocurrency, your funds probably aren’t safe in a public exchange.

On June 19th, Bithumb, one of the largest cryptocurrency exchanges in Asia, changed their wallet system. They announced that they would temporarily suspend deposits while they changed wallets. Up until then, there were no known indications of cyber-attacks.

Twelve minutes after the wallet change, Bithumb made a shocking discovery. About $31 million USD worth of cryptocurrency was stolen! They paid all applicable accounts back the money that was stolen from them, but all of a sudden the company had a multi-million dollar loss and a cybersecurity incident to respond to.

The company tweeted:

[Notice for the suspension of all deposit and withdrawal service]
We checked that some of cryptocurrencies valued about $30,000,000 was stolen. Those stolen cryptocurrencies will be covered from Bithumb and all of assets are being transferring to cold wallet.

— Bithumb (@BithumbOfficial) June 20, 2018

Soon afterwards, the company deleted their tweet and retracted the statement. Weird. They may have been advised to take the statement back while they investigated the incident. But on June 21st, they acknowledged the cyber-attack publicly:

“After the incident occured on June 20, Bithumb quickly followed the procedure to immediately report [the] incident to KISA announcing that about 35 billion Korean Won worth amount of cryptocurrency was stolen. However, as we undergo recovery process on each cryptocurrency, the overall scale of damage is getting reduced. Hence, we expect that the overall damage will be less than the amount we initially expected.”

The Korean public sector has been assisting Bithumb with their incident response. They have been working with the Korean Ministry of Science and ICT’s Korea Internet & Security. Bithumb may be able to recover some of the stolen funds.

Once again, the company has assured investors who were affected by the attack that they will be fully compensated, no matter what.

“Bithumb has been administering company’s asset and customers’ asset, and all customers cryptocurrencies, as well as KRW asset, are safely stored on cold wallet and bank respectively. Moreover, we would like to ensure that Bithumb currently has about 500 billion KRW worth of company’s fund. The amount of damage that occured this time will be fully covered by Bithumb’s own company fund.”

If you invest in any cryptocurrencies, public exchanges may not be safe places to store your money. They generally aren’t as secure as conventional bank accounts of fiat currency.

Villanova University finance professor John Sedunov said, “Bitcoin and other cryptocurrencies have risen dramatically in popularity and value over the past few years. This fast run-up may have caught some exchanges off-guard, and they may not have had the capital on hand, time, or even the technical ability to ramp up security features fast enough to ward off potential attackers.”

“Cold” wallets are more difficult to attack than “hot” wallets. A “cold” wallet is a place to store cryptocurrency which is inaccessible to customers and also completely disconnected from the internet. A “hot” wallet is accessible to customers by being connected to the internet, which opens a major attack vector. Cryptocurrency money moves between “hot” and “cold” wallets all of the time.

It’s possible for you to maintain your own private “cold” wallet. Your “cold” wallet can be stored on an external hard disk or USB drive, which you should only have mounted to a computer that’s connected to the internet when you have to use it. Maybe the best approach is to put some of your cryptocurrency funds in your private “cold” wallet, and the rest in a “cold” wallet that belongs to an exchange. But you’ll need to check the exchange to see if they would transfer your “cold” wallet funds to a “hot” wallet, when and how. And even “cold” wallets aren’t completely safe from cyber-attack; they’re just generally much safer than “hot” wallets.

Or you could be like me, have no cryptocurrency, withdraw cash from your conventional fiat checking account, and store it in a fireproof safe that only you would have physical access to. But some people would think that I’m a bit eccentric.

It’s possible that during the June 19th wallet change, one of the wallets Bithumb handled contained malicious code that was the payload. More news may become public about this attack as more becomes known.

Bithumb’s a pretty big player in the world of cryptocurrency. It’s typical for them to trade over $200 million worth of funds in a day. As 2017 ended, Bithumb said that they had over a billion dollars’ worth of cryptocurrency holdings, and a net profit of about $300 million for the year. Uncle Scrooge would be proud.

Related Resources:

How To Improve Your Company’s Cyber Security Readiness

Why you’re putting your network at risk with a defensive approach to malware

The Seven Advantages of Hiring a Cyber Security Provider