Crypto Exchange Bithumb Hacked for $13 Million in Suspected Insider Job

Bithumb-app
30 March 2019

Update (09:30 UTC, April 1, 2019): According to a report from CoinDesk Korea, Bithumb may have also lost 20.2 million XRP in the recent breach. The XRP, worth $6.2 million at current prices, was moved from Bithumb’s wallet on March 29 in transactions that can be seen on XRPSCAN. The exchange is not yet confirming or denying the report.

The odds of Bithumb managing to retrieve the stolen funds may be small, according to crypto security expert Cosine Yu, co-founder of security firm SlowMist. The hacker has already managed to “launder” most of the stolen EOS and XRP, Yu said, meaning the assets have been transferred to a large number of addresses that are not necessarily owned by any exchanges.

“The laundering strategy this time is clever as the theft did not send most of the funds directly to addresses owned by exchanges. … So it’s almost impossible for Bithumb to retrieve these funds,” Yu told CoinDesk. 


South Korean crypto exchange Bithumb has had around $13 million in the EOS cryptocurrency stolen in a hack it suspects was an insider job.

The company confirmed in statement on Saturday that it first spotted an “abnormal withdrawal” of the cryptocurrency through its monitoring system at 22:00 Korean time (13:00 UTC) on Friday, March 29.

The exchange suspended asset withdrawals and deposits on the platform after noticing the breach.

Bithumb stated:

“All the [stolen] cryptocurrency is owned by the company, and all members’ assets are under the protection of a cold wallet.”

According to a report from CoinDesk Korea, the exchange was hacked for a total of 3.07 million EOS, which was withdrawn from the exchange’s “hot” (internet connected) wallet through a series of transactions.

Based on the data from CoinMarketCap, EOS is currently trading at $4.22, making the total value of the coins lost around $13 million.

The company said in its statement that it suspects the hack was conducted by an insider, since no evidence of external exploit has been found.

Bithumb has already notified government agencies and is conducting an internal investigation. It said it’s also working with major exchanges with the expectation of recovering some of the funds.

Additionally, the remaining assets in Bithumb’s hot wallet have been removed to its cold (offline) wallet to prevent further losses until the manner of the breach has been identified and any vulnerabilities fixed.

According to CoinDesk Korea, Lee Sang Sun, described as one of the only EOS arbitrators in South Korea, said, “Overseas exchanges such as Bitfinex manage their EOS wallets with a multisig system, but Bithumb managed its with a single key.” However, this detail is not confirmed at press time.

The news comes nearly a year after Bithumb was hacked for some $30 million-worth of cryptocurrencies. The exchange experienced an initial loss of 2,016 bitcoin, 2,219 ether and other coins, but later claimed to have retrieved $14 million-worth of the hacked funds.

Editor’s note: Some statements were translated from Korean.

Bithumb image via Shutterstock