Bithumb, South Korea's largest crypto exchange, was hacked last night for three million EOS ($13 million). This is the second time the exchange was hacked in less than a year. This time, however, the exchange believes it was compromised by its own employees.
It has also been reported that up to 20 million XRP ($6 million) was targeted by the thieves, but the funds were secured by the exchange in the nick of time.
According to Dovey Wan, founder of cryptocurrency investment fund Primitive Ventures, the hack occurred between 1:00 and 3:00 PM (GMT) yesterday. The stolen EOS was moved to other exchanges including Huobi, Changelly and Coinswitch.
When the attack was discovered, Bithumb shut down its deposits and withdrawals process. In a statement, Bithumb said that the “incident involved insiders” who had access to the private keys of the account. It also said it had notified the Korea Internet and Security Agency and the country's Cyber Police Agency, and was working to get the funds returned. We have reached out to Bithumb for comment.
It appears the hacker tried to also steal large amounts of XRP from a separate account, but this might have been stopped in flagrante. Block explorer XRP Scan posted on Twitter that one account showed large amounts of XRP being sent from one account, with some transactions going to Bithumb’s main wallet and some going to external wallet addresses. However, it has been pointed out that some of the transactions had failed to go through, suggesting the exchange managed to thwart the theft.
Bithumb was previously hacked for $31 million in June, 2018. Ultimately, it managed to claw back half of the stolen funds. Can it do the same this time?