Exchanges’ response to Bitrue hack shows maturing industry
The Bitrue hacker was able to gain access to the Bitrue hot wallet and withdraw 2.5 million Cardano and 9.3 million XRP (worth around $5 million). The hacker then sent the assets to several different exchanges. By working together, however, the exchanges were able to track and freeze the stolen assets.
The hack
On Twitter, Bitrue explained that a malicious actor was able to exploit a shortcoming in the operational and organizational structure utilized by Bitrue to gain access to a number of customer wallets.
Bitrue tweeted: “At approximately 1 am June 27 (GMT+8), a hacker exploited a vulnerability in our Risk Control team's 2nd review process to access the personal funds of about 90 Bitrue users.”
Once the hacker had successfully gained access to the user wallets, he leveraged the information he had gleaned during the initial exploit to gain access to Bitrue’s hot wallets. A hot wallet is where exchanges hold the funds that are utilized by customers in day-to-day trading.
Access to the hot wallet allowed the hacker to acquire large amounts of Cardano and XRP, which he then attempted to launder through other exchanges.
Bitrue explained: “The hacker used what they learned from this breach to then access the Bitrue hot wallet and move 9.3 million XRP and 2.5 million ADA to different exchanges.”
An impressive response
Bitrue is being applauded by the crypto community for its swift, professional response to the incident. The exchange promptly detected the attack and immediately responded to the security breach to mitigate the loss of further funds.
Bitrue’s first action was to shut down all activity on the platform. Via Twitter, the exchange stated it was experiencing issues that led to an unplanned maintenance shutdown. Bitrue conducted an analysis of the hacker’s activity and was able to determine which exchanges the funds were being sent to. The Singaporean platform contacted all of the trading platforms to ask for assistance in freezing the stolen funds. Additionally, Bitrue alerted the relevant authorities in Singapore.
It is important to note that despite its initial, intentional miscommunication, Bitrue was forthright with its customers as soon as it had completed the necessary security actions.
Bitrue stated: “Please note that at the time, due to uncertainty about the current situation, we stated that the exchange was going down for some unplanned maintenance. We apologize for this miscommunication with our users.”
Bitrue then assured its customers that all customer funds would be returned: “Once again, I want to assure everybody that their personal funds are insured, and anybody affected by this breach will have their funds replaced by us as soon as possible.”
A sign of growing maturity
The cryptocurrency sector is often likened to the Wild West because of the immature state of the market and its exchanges. Following the infamous Mt Gox exchange hack of 2014, every year has seen a number of similar incidents, with crypto exchange security breaches an unfortunate reality of the industry. In 2019, seven major hacks have occurred, with Bithumb, Binance, Cryptopia, Gatehub, and Dragonex all suffering losses.
However, the swift response to the Bitrue hack was an impressive sign of the growing maturity of the wider crypto exchange ecosystem.
When Bitrue contacted the exchanges that were receiving large amounts of the stolen funds, these exchanges promptly responded to Bitrue’s request for help and were able to freeze many of the accounts receiving the funds.
This rapid response from other exchanges provides a strong disincentive to potential hackers. While there has been collaboration in the past between trading platforms after security breaches occurred, the Bitrue instance stands out because of the quick response from the other parties.
Some exchanges were able to freeze the affected accounts and stop the withdrawal of the assets. For instance, the non-custodial exchange ChangeNow stopped the entirety of the funds that the hacker attempted to pass through its platform.
ChangeNow stated on Twitter: “You might already know about the Bitrue incident that happened yesterday. We've managed to catch 100% of the funds passed through us - that's around $320,000 worth of $XRP.”
Other exchanges that were able to freeze an undisclosed amount of funds passing through their platforms include HuobiGlobal and Bittrex. Referencing the prompt response and actions undertaken by the contacted platforms, Bitrue stated: “It has definitely helped build confidence for the industry as a whole when communication and collaboration happen among platforms.”
CZ, the CEO of Binance, reinforced this message. He tweeted: “Binance will actively block any stolen funds coming our way. The key is fast reporting (victim) and real-time blocking (exchanges). To this end, we developed an anti-fraud system just for this. Will make it available to all real soon, free of charge. #SAFU”
The collaborative response by the affected digital asset exchanges may be a turning point for crypto hackers. If malicious actors are unable to easily access their stolen funds, there is a significant disincentive to orchestrate a security breach.
Finally, Bitrue had acquired insurance for all user funds. As a result, affected customers have already been refunded. Bitrue has effectively demonstrated how to handle a security breach with integrity: prompt and professional decision-making, a call for sector-wide collaboration to freeze funds, consistent public communication, and finally, insurance to reimburse customers.
OhNoCrypto
via https://www.ohnocrypto.com
Alex Lielacher, Khareem Sudlow