Coinrail Suffers Security Breach, Reportedly Loses $40 Million Worth of Crypto

[cybersofts]

Cyber attacks targeting cryptocurrency exchanges have been occurring for a while now, with the collapse of Mt.Gox in 2014 being perhaps the most notorious example. Prominent exchanges such as Bitstamp, Bitfinex and Coincheck have also been successfully hacked in the past, with Coincheck losing more than $500 million worth of their customers’ funds earlier this year.

Yesterday, another successful hack was added to the list when Coinrail, a relatively small South Korean cryptocurrency exchange, suffered a security breach that resulted in stolen funds. For now, it is unclear exactly how much the thieves got away with, but the Pundi X team says 2,619,542,080 NPXS (about $14.66 million at the time of writing) were withdrawn from the exchange in an unauthorized transaction. The amount represents a significant amount of all NPXS tokens in circulation, which prompted the team to respond:

    “Since the amount of NPXS token is equal to 3% of our current supply, which could potentially affect the interests of all parties, we instigated an emergency security protocol to halt ALL the NPXS transactions at 11:16 am Singapore time (GMT+8) to protect NPXS holders and help Coinrail and Korean law enforcement to investigate the incident.”

Apparently, the hacker(s) transferred the funds to IDEX, but the exchange collaborated with Coinrail and Pundi X and froze the account which deposited the tokens. South Korean authorities are already on the case, and we hope that the attackers will not be able to profit from the crypto assets they have stolen.

The attackers also stole an unknown amount of other tokens from the exchange, but details are still unclear with some news outlets reporting that about $40 million worth of tokens were stolen.

A number of observers blamed this security breach for yesterday’s heavy price drops, but this seems a bit far-fetched. Coinrail was not even among the top 50 exchanges by volume prior to the hack, and processed about $2 million worth on the day before it was hacked. The biggest cryptocurrency exchange at the moment, OKEx, handled $1.7 billion worth of trades in the last 24 hours.

As always, you should be aware that holding your cryptocurrency on exchanges is risky, since they are a very attractive target for hackers. To be as safe as possible, you should consider withdrawing the assets you are not planning to trade in the short term.



Ref: https://coincodex.com/article/1853/coinrail-suffers-security-breach-reportedly-loses-40-million-worth-of-crypto/

[1715111993]

1715111993

[1715111993]

1715111993

[1715111993]

1715111993

[audaciousbeing]

The fact is an exchange site cannot be too careful against hackers but in my own concern is who will be held responsible and until when this is carefully identified, there is subject of re-occurrence of these attacks which could even be as a result of insider job but because no investigation, while they find a way to replenish the amount stolen back to customers in case the amount stolen is not enough to wreck the business, it just business as usual.

I think asking everyone not to keep funds on exchange site is not solving any issue as people don't know when the heist is going to happen. I can deposit now, and in the next five minutes the heist occur, would I be foolish not to deposit or I should even avoid the use of exchange site all together and do I then make some money and increase the market penetration. What we should be asking for is someone be held responsible whether the hacker or those who made their system vulnerable enough for hacking.

[SONG GEET]

Apparently, the hacker(s) transferred the funds to IDEX, but the exchange collaborated with Coinrail and Pundi X and froze the account which deposited the tokens. South Korean authorities are already on the case, and we hope that the attackers will not be able to profit from the crypto assets they have stolen.

Isn't IDEX a decentralized exchange platform? How they managed to froze account even if that is of hacker? Decentralized exchange should mean the user will have full access to the tokens we have on exchange.

Looks like IDEX is not a true decentralized platform at all, they are saving our info 

Good thing here is they have saved other user's fund but question above make sense, I think..

[sabrikks]

Apparently, the hacker(s) transferred the funds to IDEX, but the exchange collaborated with Coinrail and Pundi X and froze the account which deposited the tokens. South Korean authorities are already on the case, and we hope that the attackers will not be able to profit from the crypto assets they have stolen.

Isn't IDEX a decentralized exchange platform? How they managed to froze account even if that is of hacker? Decentralized exchange should mean the user will have full access to the tokens we have on exchange.

Looks like IDEX is not a true decentralized platform at all, they are saving our info 

Good thing here is they have saved other user's fund but question above make sense, I think..

IDEX and etherdelta isn't a fully decentralized exchange because you need to deposit tokens to their adress before you can start trading, so i think IDEX didn't for freeze account because their is no account to be frozen but i think they did held the funds in their adress

[bman01]

Yes heard about this and a very alarming news it is. I think proper investigation should be done to find if anyone from the exchange is involved into it. And will tell all other exchanges to take lesson from the accident.

[vnck25]

In my opinion most of these exchanges are here to grab investor money! They really don't focus on security of customer funds,etc.  This is where regulations should come and really check if an exchange is doing  everything correctly. Just like traditional banks they should be insured and regular checks should be carried out by a government body of the country where the exchanged is  operational. These hackings are happening too often and it is also one of the major concerns among investors to kind of back down from investing in cryptocurrencies.

[MicaleFalcon]

They need initiatives for removing this problem. This problem can occurs a large number of losses. If this problem are increase investors are also suffer for this. It is not acceptable.

[farhiamunni]

It is really a great suffering for the whole industry I think. The overall market condition is getting vulnerable after the hack. But the exchange authority should take action to find the root cause and take corrective actions immediately.

[vv181]

Yet more and more centralized exchanges getting hacked. Millions of money are lost. That makes the reason to not keeping funds on an exchange becomes more comprehensible. I believe the centralized exchange times soon will be abandoned, and many people will migrate to decentralized exchanges.

[mc.craigsvictor]

This is really good suggestions for the crypto users because it may help them in future also based on crypto market there are lots of scams and fraud’s are there so all you need to be careful because it may cause of loss also if it gone one time you cant recover this so before transaction they should concern.

[darkangel11]

Yes heard about this and a very alarming news it is. I think proper investigation should be done to find if anyone from the exchange is involved into it. And will tell all other exchanges to take lesson from the accident.

It's not "very alarming" unless you were trading there. The previous Korean exchange that was hacked openly said that they had all their hot wallets drained and it seemed like they had nothing in cold storage. So, they had multiple hot wallets and all automated, so nobody was monitoring the withdrawals. I bet this is a similar case. If they can't learn from other people's mistakes they will keep losing money. And it's so easy to employ someone to verify the transactions. I know it's a boring job, but when machines are getting confused a human supervision is needed.

[ClaytonLWils]

Yesterday, another successful hack was added to the list when Coinrail, a relatively small South Korean cryptocurrency exchange, suffered a security breach that resulted in stolen funds. For now, it is unclear exactly how much the thieves got away with, but the Pundi X team says 2,619,542,080 NPXS (about $14.66 million at the time of writing) were withdrawn from the exchange in an unauthorized transaction.

I am agreed with you. Due to the massive attack, demand has reduced significantly. Thus price is also moving down at the same speed. But I hope it will not be continued for long.

As always, you should be aware that holding your cryptocurrency on exchanges is risky, since they are a very attractive target for hackers. 

I think in order to assure more safety, offline wallet would be a better solution.