In another blow to the crypto industry’s reputation, South Korean bitcoin exchange Bithumb was hacked again on Saturday morning. The hack marks the second time the exchange has been successfully penetrated in less than a year. Is arrogance or incompetence to blame?
The Bithumb hack saw the offenders make off with around $20 million worth of EOS and Ripple (XRP). Three million EOS were stolen, along with 20 million XRP tokens. Influential crypto analyst Dovey Wan initially tweeted that the exchange’s cold wallet had been targeted, though that ultimately proved to be inaccurate:
Bithumb was previously attacked last June, losing around $30 million worth of cryptocurrencies. That came within three weeks of an agreement it reached with Korean tax authorities to pay $28 million worth of back taxes. The timing raised eyebrows in the industry. High profile crypto twitter identity WhalePanda certainly saw red:
South Korean crypto exchanges have a woeful record of exchange hacks, embezzlement, and fraud. Yobit was hacked twice in 2017, once in April for $35 million and again in December. The December hack forced the exchange to file for bankruptcy.
It then re-emerged as Coinbin within months. In February this year, Coinbin filed for bankruptcy after failing to recover from $26 million in losses. Claims of an inside job and embezzlement circled the embattled company. That followed a late 2018 exit scam by Pure Bit, which disappeared with 13,000 ETH.
Bithumb’s most recent hacking is inexcusable. Given the country’s record of security breaches and Korean authorities’ crackdown on the industry, one might expect Korean exchanges to have the most rigorous security protocols in the world.
The fact that it has been less than twelve months since its last hack indicates Bithumb has a complete lack of regard for its customers’ welfare. Hot wallet balances must sit at an absolute minimum to maintain the necessary liquidity at exchanges. Having a $15 million EOS hot wallet balance is irresponsible. Way back in July 2017, hackers infiltrated the exchange’s records and gained access to personal data of 30,000 customers and all of its employees.
Korean regulators tried to clamp down on the industry and reign in the criminal elements operating within it. It appears that while they may have put some businessmen in prison, they have failed to instill a security-first attitude among exchange operators.
It will be fascinating to see if the Korean public finally gives Bithumb the thumbs down it deserves – assuming, of course, they have faith in any alternatives.
Koreans once paid a kimchi premium for cryptocurrencies. It appears the premium price was for an inferior product.