Bithumb, the fourth largest Bitcoin exchange has been hacked
5.7.2017 securityaffairs CyberCrime

Bithumb, one of the world’s largest Bitcoin and Ether crypto currencies exchanges, has been hacked. Over $1 Million worth Bitcoin and Ether stolen.
Bithumb, one of the world’s largest Bitcoin and Ether crypto currencies exchanges, has been hacked. The hackers have stolen more than $1 Million in crypto currencies from the accounts of several users of the South Jordan exchange.

Bithumb is the first Ethereum exchange worldwide and the fourth Bitcoin exchange, the company accounts for 20% of global Ether trades and nearly 10% of the global bitcoin trade.

The cyber heist occurred last week when crooks compromised a number of user accounts stealing the precious currencies.

The Bithumb exchange confirmed Yonhap newspaper that it reported the incident to South Korea’s cybercrime watchdog on June 30, after it learned of the security breach on June 29.

According to the local newspaper Kyunghyang, hackers have stolen around 10 Million Won worth of bitcoins from a single account. It is quite impossible to exactly estimate the overall losses, a survey of victims states that hundreds of millions of Korean Won have been stolen from accounts of one hundred users.

“It seems that dozens of people have suffered financial damage as a result of a leak of personal information of customers last month in BITSUMM, Korea’s largest virtual money exchange with a daily trading volume of more than 700 billion won.” states biz.khan.co.kr.”According to a survey of people who lost money by Bitsum hack, which was created on February 27, it is estimated that hundreds of millions of won have been withdrawn from accounts of one hundred investors. One member claims to have been stolen by 1.2 billion won.

Hackers also stole personal information of 31,800 Bithumb users, including names, email addresses, and mobile phone numbers, states the South Korean Yonhap News.

Bithumb hacked

Bithumb claims that only 3% of its customers were affected by the security breach.

The exchange also told Yonhap that it contacted South Korea ‘s cyber crime watchdog on June 30, Friday after it learned of the hack on June 29.

“Bithumb said it realized last week that one of its employees’ home personal computers was hacked.” states the Yonhap agency.

“The exchange said it believes that personal data on about 30,000 customers had been compromised, though the stolen data did not contain any of their passwords. Still, some of the customers claimed they suffered financial damage.”

Bithumb speculates that the hackers breached the home computer of one of its employees, the company excludes that its entire network was compromised.

The digital currency exchange says that the loss of funds is the result of using “disposable passwords” in order to carry out digital transactions online.

“The employee PC, not the head office server, was hacked. Personal information such as mobile phone and email address of some users were leaked,” Bithumb told the newspaper. “However, some customers were found to have been stolen from because of the disposable password used in electronic financial transactions.”

More than 100 Bithumb customers have already filed a complaint with the National Police Agency’s cybercrime report center.