$16 Million in ETH and ERC-20 Coins Stolen from Cryptopia, Report

Clients of the New Zealand-based cryptocurrency exchange Cryptopia have lost more than $16 million worth of Cryptocurrencies Cryptocurrencies By using cryptography, virtual currencies, known as cryptocurrencies, are nearly counterfeit-proof digital currencies that are built on blockchain technology. Comprised of decentralized networks, blockchain technology is not overseen by a central authority.Therefore, cryptocurrencies function in a decentralized nature which theoretically makes them immune to government interference. The term, cryptocurrency derives from the origin of the encryption techniques that are employed to secure the netw By using cryptography, virtual currencies, known as cryptocurrencies, are nearly counterfeit-proof digital currencies that are built on blockchain technology. Comprised of decentralized networks, blockchain technology is not overseen by a central authority.Therefore, cryptocurrencies function in a decentralized nature which theoretically makes them immune to government interference. The term, cryptocurrency derives from the origin of the encryption techniques that are employed to secure the netw Read this Term in a recent theft from the exchange, according to an estimation by the Blockchain Blockchain Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tampe Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned.) In this sense, blockchain is immune to the manipulation of data making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tampe Read this Term analysis platform Elementus.

Since Cryptopia did not officially disclose any figures, multiple analysis firms are now trying to come up with an estimate. Previous estimates put the loss between $2.5 million to $3.5 million, and, if correct, Elementus’ numbers project an eye dropping negligence in the part of the exchange.

The blockchain analysis firm has only analyzed Ethereum and other ERC-20 tokens’ blockchain and claims that hackers stole more than $3.5 million in ETH, around $2.5 million in Dentacoin, and many other coins, taking the total figure to $16,002,108.

Moreover, these hackers slowly transferred a huge chunk of the stolen funds to several exchanges in small deposits hoping to cash out fiats. Elementus found that a total of $882,632 worth of ETH and ERC-20 tokens were transferred to many exchanges including Bibox, Binance, and Huobi.

A Unique Attack

The report by Elementus also explains the techniques used by the hackers which raised many concerns for the security of stored funds on the exchange-controlled wallets.

Until now, most of the major thefts on exchanges were attempted through vulnerabilities on smart contracts. However, in the case of Cryptopia, hackers directly targeted the wallets of clients of the exchange. This shows that they gained access to the private keys of the wallets stored by the exchange.

Moreover, unlike other thefts, the attackers did not try to pull all the funds at once. Instead, the activity spanned for around five days. Elementus also claims that Cryptopia was aware of the attack but did nothing to stop it.

“After Cryptopia discovered the hack, they watched the funds continue to flow out of their wallets for four more days, seemingly powerless to stop it. As these wallets were not smart contracts, there should have been no technical complications preventing Cryptopia from securing the funds,” Elementus stated. “The only plausible explanation for Cryptopia’s inaction is that they no longer had access to their own wallets,”

Cryptopia’s Response to the Attack

On January 15, Cryptopia publically announced about the attack on the exchange and said it has suffered “significant loss” without disclosing any figures.

The local police are now investigating the case and are considering even the exchange's role on the attack as rumors are floating that this might be an internal hack or an “exit scam.”

I’m not liking how silent Cryptopia has been.

Imagine if this behavior came from a larger exchange like Binance. It’d be unacceptable.

I didn’t have much on Topia but I feel bad for those who kept a large portion of their portfolio there and arent getting any updates..

— Loma (@LomahCrypto) January 20, 2019

“The assistance of the cryptocurrency community is being sought as the investigation progresses. This is a very complex investigation, involving expert digital forensic investigators from within New Zealand and in various overseas jurisdictions, as well as overseas authorities. Members of the investigation team met with Cryptopia management and staff yesterday and today and outlined progress in the investigation,” an official statement from the New Zealand police noted.