Bithumb, the exchange recently hacked last week to the tune of around $20 million, sent out an e-mail this morning asking customers to cease making deposits until further notice. The exchange reiterates its claim that no customer funds are lost. Instead, the request is to help investigators. It reads, in part:
We would like to ask you to stop making deposits of cryptocurrency in order to check our member’s assets through external organization and to cooperate with the investigating agency in connection with an accident that is supposed to be an internal embezzlement that occurred on March 29th.
“Internal embezzlement” is the fundamental risk with centralized exchanges, of course. Just as banks and armored vehicles are never entirely safe, keeping millions of dollars within reach of humans will always present the risk of fraud. In this case, the attacker, who is roundly believed to be a Bithumb employee, chose not to take from the customers. But it’s certainly imaginable that he or she could have.
Bithumb says they will be undergoing a disclosure and due diligence process following the investigation, effectively to allay customer fears of insolvency. The probe may or may not yield the identity of the attacker. The track record of investigations into exchange hacks is spotty. It’s hit or miss – sometimes the bad guy gets caught, often enough their identity is never revealed.
[W]e are planning fair and objective due diligence review on all assets we hold through a reliable external Audit(accounting firm). In addition, KISA [Korea Internet & Security Agency] and the police are requested to conduct an intensive investigation on this accident. Therefore, it is necessary to confirm the assets through temporary suspension of deposit / withdrawal service.
Bithumb had a round of layoffs last month. So far no one has made the connection between these layoffs and the attack, but the two things happening in such a short space of time certainly makes for an interesting theory. Someone loses their job but not their knowledge of the security structure. Someone decides to extract a golden parachute. It wouldn’t be the first time that a disgruntled ex-employee had compromised the security of a notable organization – look at Edward Snowden.
Perhaps in hopes of surviving the backlash, Bithumb is still allowing deposits and withdrawals of cryptocurrencies that weren’t part of the hack, as well as fiat deposits of Korean Won. In terms of volume, Bithumb’s self-reported volume has more than doubled since March 30th, according to CoinMarketCap. The exchange doesn’t show up at all on the “adjusted volume” rankings of that site, but its reporting moves it up the ranks, from 30th to 26th, since March 30th.
Bithumb’s self-reported volume on March 30th was $330,910,359. On March 27th, two days before the attack, it was over $1.2 billion. At press time, it is $838,102,877. Again, the exchange doesn’t rank at all on the “adjusted volume” tab on the same website. Major exchanges like Binance are far from the top on the “reported” volume tab, with a site called Fcoin leading the way at press time with over $5 billion in reported daily volume.
Fluffed volume metrics are a serious concern in cryptocurrency circles at the moment, with ETF applicants like Bitwise discounting up to 95% of all volume to assuage the regulators’ fears.
In its e-mail to customers, Bithumb also asks customers to pay attention to global rates of cryptos they might be interested in trading, as several factors may distort the prices shown on the exchange.
Moreover, the price of some cryptocurrency has been fluctuating due to internal and external influences such as the suspension of cyptocurrency deposit / withdrawal service. cryptocurrency is traded around the world 24 hours a day, so fluctuations in the value of the currency may increase due to price fluctuations. Please pay attention to the investment loss.
The future is uncertain for Bithumb at this point. Layoffs followed by a big hack don’t exactly instill confidence in an already skeptical community. You can report all the high volume figures you like, but in the end, people have to trade on your platform for you to earn fees and stay in business. Bithumb remains one of two major Korean crypto exchanges, but like all crypto traders, Koreans have hundreds of alternatives.