Bithumb Users Lose Billions of Won in Hack

Jul 7, 2017

Bithumb was hacked and people lost billions of won after data was leaked from an employee’s personal computer. No passwords were lost, but more than 30,000 user records (approximately 3% of their user base) had information exposed as a result. The email addresses and phone numbers were used in targeted social engineering attacks to extract hundreds of millions of won worth of BTC from user wallets.

When Mt. Gox was hacked, people lost an estimated total of 850,000 BTC, valued at over $400 million USD at the time. On June 29th, Bithumb was hacked, with BTC losses reportedly reaching into billions of won. According to BraveNewCoin, users have reported losses between 10 million won and 1.2 billion won.

How was the attack carried out?

Although users lost money from their Bithumb accounts, the exchange claims that no internal servers, wallets, or other network assets were compromised. According to the announcement, the attack originated from an employee’s personal machine and was followed up with social engineering.

By attacking users and their information, whoever masterminded the plan clearly intended to circumvent any security measures the exchange had set up to prevent or locate intruders. Those more adaptive security measures are not published, but Bithumb has published a significant number of built-in security features they use to protect their users from compromise.

What are some of Bithumb’s security measures?

The best defense is a proactive one, but in modern times, threats are adaptive and resilient. In order to protect their users, Bithumb employs high-security SSL, two-factor authentication via SMS, advanced encryption, and 24/7 server monitoring.

It is worth noting that Bithumb claims that none of their servers or other network assets were compromised in the attack. Rather, it was the compromise of an employee’s machine and the subsequent social engineering that led to lost funds. They have alerted their users to be wary of voice phishing attempts, operator spoofing attacks, and malware that may be delivered via email until the issue has been resolved.

How is Bithumb handling the compromise?

Bithumb has announced that they are cooperating with South Korean law enforcement and cyber crime officials to find the root of the attack. In the meantime, they have assured their customers that they will reimburse their losses. Initially, reimbursement was going to be limited to 100,000 won, but in light of multi-million and billion won losses, Bithumb has already paid out up to 100,000 won to affected individuals until the total of losses has been calculated.

Total losses from the June 29th attack remain unknown at this time but are estimated to be in the billions of won. As of the time of this writing, the exchange was ranked among the top four bitcoin exchanges and as the top South Korean ETH exchange, averaging more than 100,000 BTC in transactions daily.

How is the community handling the breach?

Bithumb has cooperated with law enforcement officials, customers, and other parties in a very timely manner to resolve the issue. Given that the attack did not directly breach the exchange but was a targeted social engineering campaign, it is unlikely that Bithumb will suffer significantly. Before the attack, Bithumb was rated as the largest ETH exchange in South Korea and the fourth largest BTC exchange in the world.

Despite their promise of compensation, however, a group of 100 or more users is rumored to be preparing a class-action lawsuit against Bithumb. Given the amount of loss experienced and personal data leaked, that news is not surprising. Moving forward, Bithumb can only do their best to make things right and prevent other data from being leaked further.

What is the outlook for Bithumb in the coming months?

Provided Bithumb makes good on their promises of reimbursement, it is likely that they will resume seeing near-normal trading volumes in the near future. If it comes to light, however, that there are no policies preventing the sharing or copying of customer data to personal computers, then Bithumb may have more trouble ahead due to personal security liabilities.

Summary

Bithumb users fell prey to a vicious social engineering attack following the hack of a Bithumb employee’s personal computer, which contained data including phone numbers and emails for approximately 3% of Bithumb’s users. Bithumb is one of the largest bitcoin exchanges in the world and the largest ETH exchange in South Korea.

The estimated total of lost funds exceeds 1 billion won. There is not currently an established total for funds lost in the attacks; Bithumb has, however, pledged at least partial refunds to users who lost funds as a result of the breach. Until a total figure is released by Bithumb, South Korea’s KISA organization, or another source, it is not likely that any level of class-action suit or other action can be taken.
