Bitcoin Forum

https://www.coindesk.com/japanese-exchange-bitpoint-hacked-by-32-million-worth-in-cryptocurrencies?utm_source=twitter&utm_medium=coindesk&utm_term=&utm_content=&utm_campaign=Organic%20

Bitpoint, a licensed cryptocurrency exchange based in Japan, has been hacked for $32 million in crypto assets.

According to a CoinDesk Japan report on Friday, Bitpoint halted all services including trading, deposit and withdrawal of all crypto assets on Friday morning after it noticed irregular withdrawal from its hot wallet on Thursday.

It is not yet clear at this stage which types of assets were lost, the exchange offered trading for five cryptocurrencies: bitcoin, bitcoin cash, ether, litecoin and XRP.

The exchange’s parent company Remixpoint Inc. said in an announcement that $23 million of the illegal outflow belonged to its customers.

The news marks the latest breach of a Japanese exchange. In September 2018, Zaif, also a licensed exchange under the Japanese Financial Services Agency, was hacked for $60 million worth of cryptocurrencies.

Earlier last year, Coincheck was also breached, resulting in more than $520 million worth of cryptocurrencies being stolen.

That's about 2750BTC worth... Did the hackers actually get to cash out and it maybe was part of the cause that made Bitcoin go under 11k, or we can expect another drop these days?
It saddens me to see that each and every exchange need to get hacked first in order to get their security really good... :(

I think this is to small amount of money to cause any negative changes to the market, especially because this is not some well known crypto exchange. Binance hack of 7000 BTC few months ago had almost no negative effect, so it seems that people do not fall so easily under the influence of the bad news.

Problem for crypto exchanges is in fact that most of them keep too much coins in hot wallets, and that is invitation for hackers. Japan is have strict rules for crypto exchanges, but consider all the hacking which happen there, some things are obviously just a dead letter on paper.

News about cryptocurrency exchange platforms being hacked aren't sensational anymore. :-\
This happens really often and the smaller exchange platforms don't have the money(or simply don't want to invest)to upgrade their security.It's weird that most of the hacked exchanges are from Japan and South Korea,two of the most technologically advanced countries in the world.

When I was a little girl I was told repeatedly that Asians were all competent and efficient and stuff yet Japan and Korea have become the world capital of hacks. I thought the extremely expensive and comprehensive Japanese licencing was partly about satisfying the people who issue them that this wouldn't happen?

I'd be very curious to know what places like Coinbase and Gemini are doing that these places are not.

never happened before and now again ....
what is sad it is not even surprising anyone anymore
hacks or "hacks" happen nearly every month and even the countries like Korea and Japan are not exempt
I suspect some , if not many of the hacks were inside jobs , but the security issues stands - I would not hold any substantial amount of coins at any exchange anymore
this was a lot of coins too and we could see them stolen coins dumped elsewhere and the price go down because of that

There were many exchanges that had not only the hot wallets hacked but also the cold wallets,only Binance cold wallets resisted the hacks I believe.
If an exchange cares about security inside jobs shouldn't even be possible, they should be the first secuirty measure to implement before caring about external hackers..
I don't think we should blame the people that are working in these exchanges. Cryptocurrency is relatively new  and exchanges are a big target because they are not as secure as banks it's very hard to maintain security in this environment.

Yes we should.

Look at the Coincheck hack. They lost hundreds of millions of dollars' worth of XEM because ALL of it was in a hot wallet. This is a coin that actually has multi sig built into it yet they couldn't be bothered to use it.

Even if they'd spent $90 on a Trezor it would've been prevented but it was clearly preferable to lose $500 million instead.

Of course we should. We should also blame people letting their coins sit in an exchange if they aren't trading. After everything that happened in Japan I wouldn't trust a single exchange there.

How many Japanese exchanges have been hacked now in a fairly shorty period of time? 5? Something is fundamentally wrong with how these people think an exchange should be operated. It's mind boggling.

These guys clearly don't know how to handle the responsibility of making sure people's funds are safe. I'm sure the only thing they focused on were the profits that they were generating.

It not that it is Japanese or Korean.

It is that they have lots of liquid coins . So they are targets.

No exchange is truly “safe” from hacks.

Inside jobs abound.  Many times two insiders are all that is needed.

I keep coins in trezor and in core wallets. And very little in exchanges .

Say 10 to 1 ratio.

Well, the exchange should cover what they lost. If not, traders are screwed. Some exchanges that are backed and lost the funds were closed and never recovered and so as the traders fund. That's sucks because it's suppose to be their responsibility to take care of the funds but end up losing it because of negligence of their responsibility.
And we as traders, we have a responsibility to check whether the exchange is safe enough and credible enough to use. Do they have insurance policy if ever some incidents like this happen?
 Maybe at some point. But what people do know that this will happen? It's still on the exchange. They are keeping the funds. They should have made a better security.

There are already so many incidents of security breaches in exchanges.
I wonder why people still save their cryptos in exchange wallets and they don't store them in any hardware wallet of something away from exchanges. For so many times, hacks have happened and will continue to happen.

Uh, there have been dozens of hacks in the last couple of years if we include other countries. It should be known that exchanges aren't immune to hacks, and hackers especially at these prices are trying their best to get in.

Also, better security is better until it no longer is. If an exchange adds important changes to enhance their security today, it might be outdated tomorrow and therefore vulnerable.

The best is to not rely on an exchange for storage purposes. Buy a sub $100 hardware wallet and you can store most of the top crypto currencies. This is how hacks will no longer impact your holdings.

The wound of Mt. Gox still didn't fully heal and every time an exchange gets hacked, there are people who start to worry that it will cause a price crash, but the recent history shows that Bitcoin today is big enough to ignore such problems. Fiat doesn't crash when a bank is robbed (and there are some pretty big hacking cases when millions got stolen), so why should Bitcoin crash, especially when the sums are small compared to all the coins in circulation.

Not again but actually im aint surprised anymore for these exchange hacks everynow and then.Just wondering why Korean and Japanese exchange do always been targeted out? Does this mean they have weaker security or just really prone to inside jobs of its employees?

With another exchange falling victim in Japan I think they already have more than 3 strikes already to say that they don't need a change when it comes to their crypto exchange regulation. I know that they have recently changed it in the oast but by doing so they have give new licenses to new exchanges so that's one to consider that their enforcement is not enough to control and monitor several exchanges in the country. At this point the Japanese government needs ti step in as their citizens are severely affected by it.

One of the arguments for Japan's licensing scheme was to make sure the exchange security setups were robust enough to protect Japanese investors. A lot of good that did, eh?

Expensive licenses make for huge barriers to market entry, but it doesn't create competent exchanges...

The hackers are still at it...
It's like every other week there is an exchange being robbed.

At least I never heard of the exchange until now. If it was binance again, then i'd be a tad worried about the markets.

It's not necessarily that these countries are a target, but more so that these countries are such a big player in the exchange market. There are so many exchanges there that it's quite normal for these countries pop up more than other countries in this negative aspect. Another contributing aspect is the rapid growth in that region where exchanges rush to go online but with lesser overall security unfortunately.

I'm not even wondering how people can be so stupid to leave their precious coins at an exchange. I know people are messed up in the head. They won't change.

Also, that China was the cheap copycat of Japanese products. Today, most Japanese products are made in China hehe.

In any case, I reckon this might be another inside job. Yakuza hehe?

Too many exchange on a certain region isn't really that necessary but these owners do see that this is a profitable business that's why they do hurry up on creating one.I agree with your point which due to rushing of things which in result into poor security aspect.One more question,why people on that certain area tends to use that local exchange rather than going into the top exchange rankings?

It is very easily possible, imagine yourself in a situation when you have access to dozens or hundreds millions $, and you can hack them anytime. Some simply can not resist to such temptation, and if they are smart enough until it is discovered who is the true culprit, they may be far from the reach of justice.

Crypto exchanges should pay more attention to their employees, they are in most cases the weakest link in the security chain.

I always welcome more competition. It helps improving the services exchanges provide and also makes them cheaper to use for people.

It's likely the regulatory climate there starts to become stricter due to how governments slowly but surely catch up on the developments happening within their country. Especially in Asian countries capital control is a very big deal. Crypto makes it way easier to circumvent them, hence the governments there are subjecting the exchanges to strict regulations.

Another reason could be the insane capital gains taxes people in the different countries pay there. Depending on the country and the hight of profits, you might end up paying 50% of your profits straight to the government.

Agreed. Someone can also threaten an employee or the employee's family to force him to do whatever the criminals want within the exchange.

Bitpoint Reveals Amounts Stolen, Pledging to Reimburse Users in Crypto

https://i.imgur.com/217froz.png
https://cointelegraph.com/news/bitpoint-reveals-amounts-stolen-pledging-to-reimburse-users-in-crypto

Japanese exchange Bitpoint has published the breakdown of crypto assets stolen in the 3 billion yen (~$27.8 million) hack of its platform earlier this month.

A document published by Bitpoint’s parent firm Remix Point Inc. on July 16 reveals that five crypto assets in total were stolen by the attackers. The breakdown provided by the company compares the proportion of stolen customer assets with assets belonging to the firm:

    1,225 Bitcoin (BTC) worth 15.3 billion yen — 1.28 billion yen belonging to customers and 250 million to the firm;
    1,985 Bitcoin Cash (BCH) worth 70 million yen — 40 million yen (customers) and 0.2 billion yen (firm);
    11,169 Ether (ETH) worth 330 million yen — 240 million yen (customers) and 0.8 billion (firm);
    5,108 Litecoin (LTC) — 0.5 billion yen, of which 40 million yen (customers) and 0.0 billion yen (firm); 28,106,323 XRP — 10.02 billion yen, of which 2.6 billion yen (customers) and 960 million yen (firm).

Out of the 3.02 billion yen stolen in cryptocurrencies overall, 2.6 billion yen belonged to customers and 960 million yen were company assets. XRP accounted for the highest share of total losses, with stolen XRP accounting for over 10 billion yen — roughly a third of the lost funds.

Bitpoint has moreover revealed its plans to compensate customers in cryptocurrencies rather than in their equivalent fiat value.

The exchange reiterates its belief that the breach occurred due to unauthorized access to the private keys of its hot wallets, and that it now plans to move all holdings into cold storage.

It confirms that no breach of its cold wallets has been detected, but states that it continues to monitor the situation and is also suspending all services until more comprehensive security measures have been undertaken and the firm has completed its tracking of the stolen funds.

The document reveals that Bitpoint is cooperating with the Japan Virtual Currency Exchange Association (JVCEA) — a self-regulatory crypto exchange association that formed in March 2018 to help establish industry-wide investor protection standards — and has requested that the association monitor any suspected ill-gotten funds and wallets potentially associated with the incident. The exchange is also reportedly in close communication with the Ripple Foundation.

As reported yesterday, Bitpoint discovered over 250 million yen ($2.3 million) in crypto that was stolen during the hack, bringing the total sum of lost funds down to its initial estimate of 3.5 billion yen ($32 million) to 3.02 billion yen ($28 million).

Cheap is indeed expensive and It's too late to act now.
So these guys have known that cold wallets are way more safer than whatever options they have but still went on with hot wallets knowing very well that such wallets are easy targets.

Now a lumpsome has been lost when a few dollars worth of cold wallets would have saved them all this inconvenience or am being short sighted this could have been an inside job and they are trying to save themselves the embarrassment by selling us such a story, because by now we should have learnt from other people's mistakes who have gone through this before.

Now they want to play detective by following the money trail, SMH.

I don't know, but I have a feeling that Japanese market is really being targeted by some groups - state sponsored hacks, I just had this feeling though, I won't mentioned names but I'm sure most of you know who am I referring to.

Anyways, I wouldn't say that they are incompetent, they know that their country has accepting crypto and I'm sure they know a thing or two or at least learn the lessons from past Japanese exchange hacks.

There is no end in sight for these exchange hacks. I am sure that this one was either an inside job, or a hack that was aided by someone from the inside. Else, how is it possible to hack a hot wallet which is under constant surveillance by the exchange staff? They should first screen all of their former employers, especially those who resigned within the last 3-4 months.

At least the CEO promises to compensate users-

Bitpoint Hack Shows That Regulators’ Scrutiny Does Not Equal Safety

https://i.imgur.com/sTdLGk2.png

https://cointelegraph.com/news/bitpoint-hack-shows-that-regulators-scrutiny-does-not-equal-safety

Genki Oda, founder and CEO of Bitpoint, told Cointelegraph that his platform is going to compensate its users, although without mentioning any specific time frame. Additionally, Oda said it was in touch with fellow exchanges Binance and Huobi regarding the freezing of stolen funds that have allegedly ended up in their wallets following the security breach. Such collaboration with other trading platforms is a common method of mitigating cryptocurrency hacks, as it prevents fraudsters from cashing-in on their loot. “If you know other way for locking or getting back the hacked crypto, please let us know the ways,” Oda added.

Moreover, Bitpont has announced it is going to compensate customers in cryptocurrencies rather than in their equivalent fiat value.

Still, one of the biggest problems for cryptocurrency has been and remains the vulnerability of hacking and hacking. And almost all the protection hackers come up with their own ways of hacking. Here, while we can say that the cryptocurrency is still developing and improving methods for protection.
A separate problem so far is hacking wallets and e-mail users of cryptocurrency. Although they occur in most cases due to the fault of the users themselves, this also has a very negative effect on the relatively slow cryptocurrency so far.

I am always feeling sad whenever another cryptocurrency exchange has become victim of hacking. It is quite unfortunate that the same story can go on and on because for now there is no guaranteed technology that can block talented and intelligent hackers who can e based in rogue countries we know of. Hacking has become a big business and with exchanges holding millions of coins and tokens these hackers will do everything possible because the prize is enormous. I am just hoping that something can really be done to once and for all stop this problem in the industry.

This is really a dangerous thing to happen as thousands of investors lose their money in such process and also it demoralises new entrants to trade as they always fear of losing money in such instances . Even government gets panicked and does not easily make it legal in their country considering this fact as well .

Why does this keep happenning? Have not they learned from the past recent hacks that sum up to billions of dollars? I agree with the previous comments about having ledger wallet and it should be mandatory for users of exchanges to own it before the can be allowed to trade. Having a ledger wallet should also be part of KYC process where they take photo with it to make the verification complete.

All holdings? Meaning no on-demand withdrawals? I suppose that's how BitMEX operates. Maybe this is the direction exchanges should head in. I'd feel safer trading on an exchange with 100% cold storage and would be fine with delayed withdrawals if that were the reason.

Yes, I agree with you on this one.Coincheck did almost nothing to ensure security of the coins.

I don't think any exchange really master how to prevent hacks.Even Binance, one of the most known exchanges with a solid team of engineers was a victim of a hack.It's not that easy to perfectly master a new growing field in terms of security that's IMHO we shouldn't blame them too much.