Anyway to block usage of stolen coins?

[CryptoBry]

Theoretically miners could refuse to mine a transaction that attempted to move stolen coins, but you'd need the majority to refuse and it's not as if they all work closely together. It also would be probably down to pools to do it as many miners won't check what they're actually processing.

Since they're only in it for the money you could include a ginormous fee to tempt them and I believe that's happened with hacks in the past.

Theoretically some entity can give miners a signed transaction with a good reward, and ask them to mine it if some unauthorized withdrawal is made from their wallet while hacker's transaction is still in the mempool, but it still requires a large amount of miners (ideally - having all miners on board), and the reward should be bigger than what hackers will offer, otherwise miners will be tempted to include hacker's transaction. It also requires real-time coordination with miners, to tell them whether transaction is authorized or not, and any delay just increases the chance that malicious transaction will get confirmed.

The efforts needed to get miners to act united on the hacked coins can be gargantuan and if it were possible maybe exchanges who were victims of hacking to the tune of millions in dollars might have done this. In other words, it seems impossible as there is no agreed protocol on this problem. We can never obliged miners to agree to do this.

[squatter]

I am really curious what exchanges have a withdraw throttle from out of the ordinary amounts of withdraws or even exchanging alts in a short time span. I bet none and it is like the easiest fix.

If users withdraw = 1.5x or 1.25x normal volume stop all withdraws.
Will give them time to take a quick manual look at what is going on.

At least the hackers can`t steal massive amounts in seconds from many different accounts.

that is true if the hacker was actually withdrawing anything but they are not. they are "hacking" their system which means they have access to their wallets and the underlying system, for example have access to their wallets and private keys.

The recent Binance attack was a case where compromised accounts used the withdrawal system and Binance mistakenly authorized the withdrawal. I believe they mentioned plans to institute more comprehensive internal checks like TimeBits is talking about. They say their wallets weren't compromised, and I can see my deposit addresses haven't changed.

This appears to be the new frontier for exchange hackers: Compromise accounts, patiently wait, then try to slip through the withdrawal system unnoticed. Another similar attack on Gatehub just happened, where dozens of user accounts were compromised through API keys. The attack netted a $10 million reward for the hackers.