A blog post from Elementus, a blockchain infrastructure firm, has confirmed on 29 January that Cryptopia, New Zealand-based cryptocurrency exchange, is still being compromised by hackers. The hack was first bought under the limelight two weeks ago. Since then, the cryptocurrency exchange has suspended all services, which has further led to significant losses to Cryptopia. Before disclosing the breach, Cryptopia released a number of brief updates and declared it was undergoing unscheduled maintenance.
An estimated $16 million worth of Ethereum (ETH) and ERC20 tokens are considered stolen by Elementus on 20 January. Data on the Ethereum public blockchain mentions that funds were siphoned on the morning of 13 January from Cryptopia’s two core wallets — one holding ETH, the other tokens. Furthermore, in a post published by Elementus, it is claimed that the attack is continuing and that hackers have stolen 1,675 ETH ($175,875) from 17,000 Cryptopia wallets. Among the 17,000 affected wallets are 5,000 which were emptied when the platform was first breached, but have since been refilled. Elementus additionally claimed that the same hacker or hackers are responsible for the continued security breach, as the funds have been transferred to the address used in the initial hack.
Two addresses on Etherscan have been flagged for involvement in the hack, and a warning has been sent to the site that the public should proceed with caution when interacting with the addresses. Etherscan is a block explorer and analytics platform for Ethereum. Though the hacker or hackers still has/have control over Cryptopia’s Ethereum wallets, the exchange has absolutely none.
Elementus CEO Max Galka wrote: Among the wallets affected are the 1,948 at-risk wallets https://github.com/elementus-io/cryptopia-hack we identified previously, some of which have continued to accrue funds as recently as today. The list also includes over 5,000 wallets that had already been drained in the original hack but have since been topped up, presumably by unknowing Cryptopia users. […] The funds began moving at 6:59 AM this morning (Monday, 28-Jan) […]
He further added, “Most of the funds are coming from mining pools. Presumably, these payments are being sent on behalf of miners who opted to receive their rewards automatically via “direct deposit,” and have since forgotten about it.”
Experts from the crypto community have ascertained that this is not a second attack on Cybertopia’s wallets, but a continuation of the hack.
One individual on Twitter said, “The nature of the compromise is, the attacker stole their ETH privkey and deleted [Cryptopia’s] copy. Same hack, just new histrionic-news able point to steal your attention if you never learned the basics of how private keys work.”
About Cryptopia :
Cryptopia is a cryptocurrency exchange headquartered in New Zealand. The exchange focus is on better user experience for crypto-currencies. It allows investors to sell anything, to anyone, anywhere in the world in exchange for the cryptocurrency.