Cryptopia Cryptocurrency Platform Services and Development

[bisti]

Todays message from Cryptopia Discord server:

Update from Managing Director of Cryptopia Exchange.

The co-founders, shareholders, executive and the entire Cryptopia Team appreciate the support that is being demonstrated here.

We cannot even consider re-opening the exchange while the investigation is in progress.

To even consider doing so would be totally irresponsible of us as it could likely make the way clear for further attacks and even more damage.

Please have patience and faith. We will continue to update everyone as and when we can. Take no notice of the armchair experts.

Can you share the Invite Link of their Discord Server? Its totally unprofessional sending an update on their discord while most people are waiting for an update on their twitter account.

Trust me, you dont need it, it is full of retards who are shocked by the fact that you are asking for any info or update about how / or when could I possible withdraw MY money.

HOW DARE I???

[Nexu$]

@xtraelv Muchly Wow!

As a non-employee you would lecture now about multiple 51% attacks you know nothing about?

Held to ransom is what Cryptopia did to the SexCoin community and to about another 100+ alts coins similarly affected. And as @einsteinium correctly points out, there were multiple attacks over many weeks over many, many alt coins.

You should read up on these posts before you click reply.

How do you propose that an exchange detects 51% attacks ?

(Keep in mind an exchange wallet could contain up to a 100000 public and private keys and take a week or more to sync.) Each coin would have at least 5 or more wallets and I think they list around 400 coins.

Why did the coin devs not alert them about an attack on the blockchain ? Surely something with  $?? millions in marketcap is not left unattended or unchecked for blockchain exploits ?

Bitcoin for instance tracks all the ophaned blocks https://www.blockchain.com/btc/orphaned-blocks

Keep in mind that in a 51% attack the blockchain held balance is being exploited and manipulated - not anything on their exchange servers. Confirmations come from the blockchain nodes.

A 51% double spend attack alters the balance held on the blockchain well after the blockchain has provided the set confirmations that (I'm assuming) have been agreed upon by the coin devs and the exchange as being adequate for that coin. (If the confrimations were inadequate then why didn't the coin devs alert them. If the coin network devs were aware of the attack why did they not alert them - which are both a listing requirement in their TOS).

I am not aware of the full extend or specific details but I spent quite a bit of my spare time analyzing some 51% attacks for the article I wrote.

Could you give me the link to the article you wrote about the 51% attacks? I would like to understand how this happens. Thank you

[Lafu]

Could you give me the link to the article you wrote about the 51% attacks? I would like to understand how this happens. Thank you

Here you can read :  How does a double spend 51% attack work ? Explanation and examples.

[yurimir]

Fascinating investigation on the Cryptopia exchange hack - Some overdue transparency into the Cryptopia exchange hack

https://elementus.io/blog/cryptopia-hack-transparency/

[Winstar78]

Fascinating investigation on the Cryptopia exchange hack - Some overdue transparency into the Cryptopia exchange hack

https://elementus.io/blog/cryptopia-hack-transparency/

very interesting and insightful. Now I can imagine why Ormeus dumped so much (also MGO) even if looks like the hackers still did not dump all on the market.

very, very scaring that cryptopia could have lost access to all his wallets. At this point they can have lost access to bitcoins, too. And they are desperately trying to recover the private keys so they dunno what to say to the public in the meanwhile.

now the only question is: will we recover at least a fraction of our funds? Will cryptopia go bankrupcy? Because, there will be for sure some idiot who will sue cryptopia because obtaining only a fraction of the funds, not knowing that going to court means locking all for years, like mtgox or recently bitgrail.

[almightyruler]

very, very scaring that cryptopia could have lost access to all his wallets.

It's possible they've lost access to private keys, but it's also possible that they were ordered to shut everything down by Police and were therefore not able to move remaining funds to cold storage. I would imagine that even experienced forensic/cyber criminal investigators assume that shutting down a compromised cryptocurrency server safeguards against further loss... which is very, very wrong.

[HI-TEC99]

very, very scaring that cryptopia could have lost access to all his wallets.

It's possible they've lost access to private keys, but it's also possible that they were ordered to shut everything down by Police and were therefore not able to move remaining funds to cold storage. I would imagine that even experienced forensic/cyber criminal investigators assume that shutting down a compromised cryptocurrency server safeguards against further loss... which is very, very wrong.

If they had lost access to private keys their Bitcoin wallets would have been the first thing to get emptied. It's more likely they are taking legal advice on what their options are from lawyers.

[trackers]

So the latest rumour I've heard (I live in this city and know people that work there) is that one employee (a person I used to know from the IT sector incidentally) is of particular interest, taking an overseas holiday the day before the hack at no/little notice, and is now unreachable.

Again just a rumour, though does correlate well with the elementus article which suggests the whole db has been yoinked

[xtraelv]

https://www.police.govt.nz/news/release/police-making-progress-crypto-currency-investigation

[four3200]

https://www.police.govt.nz/news/release/police-making-progress-crypto-currency-investigation

Why no motion of all coins from the hot wallets to cold, as a security precaution?
Has this been done?
This would be the first move to make if keys are compromised.

[Labrader]

Todays message from Cryptopia Discord server:

Update from Managing Director of Cryptopia Exchange.
The co-founders, shareholders, executive and the entire Cryptopia Team appreciate the support that is being demonstrated here.
We cannot even consider re-opening the exchange while the investigation is in progress.
To even consider doing so would be totally irresponsible of us as it could likely make the way clear for further attacks and even more damage.
Please have patience and faith. We will continue to update everyone as and when we can. Take no notice of the armchair experts.

Actually a very responsible thing would be to allow read-only access, so that customers may take snapshots of their accounts.

[RivAngE]

Why no motion of all coins from the hot wallets to cold, as a security precaution?
Has this been done?
This would be the first move to make if keys are compromised.

If we think about it, whichever wallet was compromised would be emptied; for example why would the hacker get 1000 ETH if the wallet had 2000 ETH?
So what's stolen is stolen. I don't think it's possible to hack a new wallet while the exchange is not operating.

[paramind22]

You would think in these days of all these new computer programming languages and AI that batch files could be run of each user's remaining balances, and a text file dump of that information be given to each person upon a log in.    Maybe in five years, or maybe people in general are just too uncaring or lazy of think of that and create it.

[four3200]

Why no motion of all coins from the hot wallets to cold, as a security precaution?
Has this been done?
This would be the first move to make if keys are compromised.

If we think about it, whichever wallet was compromised would be emptied; for example why would the hacker get 1000 ETH if the wallet had 2000 ETH?
So what's stolen is stolen. I don't think it's possible to hack a new wallet while the exchange is not operating.

Any wallet/coin could possibly be compromised.
The second (the very second) you know that unauthorized TX have been sent you immediately shift funds to new privkeys as fast as their block chains can move.

Next you inform and sign where/howmany COINS you still have in secured custody.

Dead simple.

[four3200]

Before Christmas Cryptpoia sent out a blanket email stating that they had been hacked by 100+ alt coins (via a 51 % attack) and were closing those markets.
<snip>

xtraely and lafu and anyone else claiming to be representatives of Cryptopia definitely aren't because they would have been instructed not to make any statements while a criminal investigation is on going.

Neither Lafu nor myself are employees of Cryptopia. Nor are we authorized to make any statements on their behalf.  There is no official representation of Cryptopia on Bitcointalk as they only consider discord and twitter as official media channels.

As a client of the exchange I probably have more $ at risk than most.

You are correct that their staff have instructed not to make any statements. Most are on leave as the offices are considered a crime scene.


The other incidents last year that you mentioned are different.

A 51% attack by definition is a blockchain based attack. https://www.investopedia.com/terms/1/51-attack.asp It means the blockchain has been exploited and fraudulent transactions by a single attacker have caused the genuinely mined transactions to be discarded through chain re-organisation and orphaned. Some reputable devs have re-embused their customers that have been affected by a blockchain 51% attack.

I explained how such an attack works here: https://bitcointalk.org/index.php?topic=5035336.msg46025953#msg46025953

In May Bittrex was the victim of a 51% double spend attack on the Bitcoin Gold network. The Bitcoin Gold developers only offered to partially compensate Bittrex for the losses and Bittrex chose to delist Bitcoin Gold instead.

A coin network that allows a 51% attack double spend happen is neither decentralized nor immutable. Both of which are essential for a trustless network.

Many coins have changed from POW to Hybrid, POS or a more complex algo or discontinued because they are unable to prevent attacks on the coin network.

In regards to 51% attack please read https://bitcointalk.org/index.php?topic=494708.msg48633011#msg48633011
One day or initial wave of hacking is on devs.
10 days of hacking is on exchange.

Do you agree?

Actually it was on the customers.
Lost coins & Lost listing.

[which in hindsight is not a bad deal]

[Larsin]

Tell me please, is there anything heard about tether? I have 3,000 of them there

[psycodad]

Tell me please, is there anything heard about tether? I have had 3,000 of them there

TFTFY

P.S.: Not making fun of your loss just pointing out the facts. I myself have had ~0.35 BTC in alts, BTC and LTC in topia when they went dark.

[RivAngE]

I don't understand why hasn't the community found out if Cryptopia's BTC wallets have been emptied as well or not.

I hadn't deposited or withdrew any BTC recently and I don't think I can find my last transaction with Cryptopia and track it, but I'll try it.
Wouldn't someone else have it traced and found their BTC addresses though?

[krysta11]

I don't understand why hasn't the community found out if Cryptopia's BTC wallets have been emptied as well or not.

I hadn't deposited or withdrew any BTC recently and I don't think I can find my last transaction with Cryptopia and track it, but I'll try it.
Wouldn't someone else have it traced and found their BTC addresses though?

It's one of hot BTC Cryptopia wallets(possible old)
https://chainz.cryptoid.info/btc/wallet.dws?55139810.htm

[RivAngE]

Okay I think I found the Cryptopia's BTC wallet. My deposit there is kinda old and I can't recall 100% if it's the address I deposited was Cryptopia's or another exchange's, but I traced the movement and since the wallet's movements stopped on 14th January I'm 99% sure it's Cryptopia's.

This is their wallet: 3ALZ4ALw2T4jebXXUy8GMv2rLB7JpFL1JD

After many hops between 1-use addresses, I find a big amount of funds consecrated here: 12YBZCaPe45LFbvgYWP5AVm3pvZTtHTiNY
This was a new address created on 13th January.
It seems that after gathering BTC from different Cryptopia's wallets, summing 392.31 BTC, they sent a "test" transaction of 3 BTC on 14th January and 10 minutes later they sent all the amount to the same address.

From that point on, it seems like the funds were split to multiple addresses, probably many of which are exchanges.

Your thoughts? Anything I missed maybe?