Hackers stole nearly 1 million BTC to welcome the bull market

Since May, the price of Bitcoin has risen from US$5,300 at the beginning of the month to over US$8,900 recently. The price of the currency has more than doubled compared to the beginning of 2019!

The voice of bull market is constantly coming from analysts of major exchanges; but along with the fluctuation of currency prices, the long-standing haze of exchanges and users has returned: hackers are beginning to return!

Hackers are more sensitive to the market than analysts

Since January 2019, the digital currency market has gradually recovered. The rising currency prices and new users have made a dormant group - hackers - active again.

Digital currency is the product of technology geeks and cypherpunks. Data is stored on the chain, and its decentralized concept makes the digital economy the current trend. However, the existence of centralized exchanges has given hackers an opportunity to take advantage of it. Compared with the Internet protection at the national level, the Internet protection capabilities of exchanges seem to be stretched.

If we look at the history of exchanges being stolen, the data is quite shocking.

According to incomplete statistics, at least 22 exchanges around the world have been successfully attacked by hackers, with more than 30 thefts, and a total of approximately 1,000,000 bitcoins and $800 million worth of digital currencies have been stolen by hackers.

These include not only leading exchanges such as Binance, OKEx, Mt.Gox, Bitfinex, and Bithumb, but also Indian exchange Coinsecure, Italian exchange BitGrail, etc.

The following figure shows the hacker attacks on some exchanges in 2018:

——Picture from the Internet

In fact, the number of thefts on exchanges is constantly changing with the ever-changing market of digital currencies. The upcoming bull market has allowed hackers to see real-time benefits, and unlike the legal currency market, digital currencies have huge growth potential. In addition, they are difficult to be tracked by technical personnel of exchanges or governments, so they naturally become the target of hackers.

In August 2016, about 120,000 bitcoins were stolen from the Bitfinex exchange. Once the news was exposed, the price of bitcoin fell by about 13%. Prior to this, from June to mid-July, the price of bitcoin rose from $450 to around $760, an increase of about 60%.

On January 26, 2018, 523 million NEM coins were stolen from Coincheck, one of Japan's largest exchanges, resulting in a loss of at least US$426 million.

Subsequently, the price of Bitcoin plummeted by about 52.4%, falling from $11,920 to $6,250. Before this incident, Bitcoin reached its historical high of $20,000 per unit.

At the beginning of May this year, 7,000 bitcoins were stolen from Binance. But unlike before, this time, bitcoin did not fall but rose instead. Of course, this did not rule out the stimulation of favorable news such as the entry of major market giants into digital currencies at that time. This also made Bitcoin the digital currency with the highest return rate among digital currencies this year.

Every time the cryptocurrency market rises or recovers, it attracts hackers to plunder the hot wallets of exchanges and brings about a wave of panic pullbacks in the market.

International thieves hoard digital currency

The hacker groups chose not to take responsibility for the theft, and due to the anonymity of blockchain, the exchanges could only use their profits to offset losses. For those exchanges that could not afford the costs, such as Bitcoinnica, Bitfloor, BitGrail, Mt.Gox, Youbit, etc., they had to close or go bankrupt.

As a leading exchange, Binance has long been targeted by hackers. On the other hand, the recovery of the digital asset market and the continued rise in currency prices in recent times have also made hackers "eager to make a move."

It has become a consensus in the industry to store large amounts of assets in cold wallets, the purpose of which is to ensure asset security. However, due to the special nature of their identities, most exchanges will choose to place 5% of their assets (adjusted according to activity) in networked hot wallets to meet the needs of users for frequent top-ups, transactions, withdrawals, etc. Although it is only 5%, it is also a considerable amount for exchanges that process transactions worth hundreds of millions of dollars every day.

But it should be clear that as long as the network is connected, hackers will use all their tricks to launch various attacks and ultimately seize the assets.

According to media reports, the hacking behavior of the exchange to steal coins came from APT organizations. APT organizations were originally active in the United States, Europe and other regions, and mostly targeted government-level encrypted intelligence.

In recent years, APT organizations have gradually shifted their targets to the field of Internet finance, and have continuously collected and captured sensitive files of 12 digital assets including BTC, LTC, ETH, 22 third-party wallets, and 8 trading platforms.

Through the analysis of attack traces and tools, it was found that the hacker's attack behavior characteristics are similar to those of previously exposed APT organizations. However, one of the characteristics of APT organizations is the extensive use of open source attack tools and methods, which can also be imitated and used by hackers outside the APT organization.

Are the assets on the exchange safe?

Thefts from exchanges happen frequently, but the exchanges whose coins were stolen refuse to admit the theft. After investigating the reasons, many users began to doubt the security of their assets.

Looking back at previous coin theft incidents, hot wallets are the main target of hacker attacks. The main reason is that they are the main storage location for user assets in exchanges.

As for how to deal with hacker attacks, exchanges can only maintain normal risk control. Generally speaking, users' assets in exchanges are relatively safe. What individuals need to do is to protect their personal information as much as possible and not disclose it at will.

No matter how many security mechanisms an exchange has in place, it is still within the “range” of hackers.

Zhao Dong, founder of DGroup, once said on Weibo: "There is a saying in the hacker circle that all websites can be hacked at a cost of $1 million. All security solutions cannot prevent themselves from being hacked. The only thing that all investors and exchanges can do is: 1. Reduce the probability of being hacked; 2. Minimize the losses when being hacked."

How to protect your exchange hot wallet

Hot wallets are the main target of hackers, so how can we better protect the security of our own property?

As a company deeply engaged in blockchain security technology, Kushen provides various personal wallet products such as hardware wallets, mobile APP wallets, cloud wallets, multi-signature wallets, and professional enterprise wallet products. The hardware wallet adopts a "cold and hot separation" architecture, and uses multiple data encryption transmission methods such as QR code, Bluetooth, NFC, etc. to keep the private key away from the Internet, completely eliminating the risk of private keys being stolen by network hackers, and realizing the safe storage of multiple encrypted assets.

Recently, KuShen and Token Asset have joined forces to launch the "Crypto Asset Multi-Signature Management System" and "Enterprise-level Wallet Management System ColdLar Enterprise" to ensure that user funds are not lost, which can effectively protect the asset security of the exchange.

The "Crypto Asset Multi-Signature Management System" is a complete set of crypto asset management solutions that can enable multiple people to jointly manage crypto assets to solve the needs of enterprises on how to safely and efficiently manage large amounts of crypto assets. This system ensures that the assets are truly in the hands of the core management, thus effectively avoiding theft by internal personnel.

"ColdLar Enterprise, an enterprise-level wallet management system" is a comprehensive asset service product launched by ColdLar for enterprises in the blockchain field. It can meet the needs of enterprises with millions of addresses, monitor address transactions (receiving and sending) in real time, and provide fund collection, financial statements and other functions.

These two sets of enterprise-level asset solutions are comprehensive asset security service systems tailored by KuShen for enterprise-level users such as encrypted asset trading platforms, custody platforms, payment platforms, and financial derivative business platforms.

This enterprise-level solution can manage 5% (adjusted based on activity) of the assets stored in hot wallets by exchange users using a cold storage solution, greatly improving the trading platform's independent risk control capabilities and ensuring the security of the entire system.

Currently, both systems are on the market and can be deployed locally. Customized solutions can also be launched to meet different needs. They have been favored by many well-known project parties and exchanges in the industry.

Although it is still difficult to confirm whether the APT organization is the culprit of the recent theft of digital currency, what can be confirmed is that hackers continue to attack exchanges and hoard digital currency, which also shows great affirmation of the market recovery or the arrival of the bull market.