cryptopia hack

Cryptopia Hack Estimated to be in the Region of $16m

You may remember my article on the 17th January which relayed information regarding the recent cryptopia hack. If you missed it, it stated that the New Zealand police had began investigating the crime.

Since then it has been announced by data firm Elementus that the hack is most likely to total roughly $16 million USD which puts it up there with one of the largest attacks to have happened in the crypto-verse.

Interestingly enough, the data firm also announced that the thieve (or thieves) which conducted the hack did so in a strange manner. According to Elementus, the thieves acted over a period of roughly five days and, instead of executing their plan as quickly as possible, like most hackers, they slowly dripped their ill gotten gains out of the Cryptopia exchange. The firm also stated that, in order to pull off the hack, the hackers utilised thousands of Ethereum wallet addresses.

It is important to note that Elementus have also gone on record to state that they have not actually begun checking other blockchains and that it is a true possibility they will also be bearing losses.

“By our calculations, the total value of the stolen crypto (ether and various tokens), at current market prices, comes out to about $16 million. This number includes only what’s on the Ethereum blockchain (ether and ERC20 tokens). We have not examined the Bitcoin blockchain or other blockchains to see if funds were stolen there as well.”

They also provided a detailed table of what was stolen from the Cryptopia Ethereum wallets:

Token Amount
ETH $3,570,124
Dentacoin $2,446,212
Oyster Pearl $1,948,223
Lisk ML $1,718,610
Centrality $1,148,144
Mothership $880,141
Ormeus $452,841
DAPS $384,425
Zap $147,158
Pillar $254,521
Other Tokens $3,051,709
Total $16,002,108

How did this happen?

At present it is not certain but the people behind Elementus believe that the hack was enabled by Cryptopia storing the private keys to their Ethereum wallets on a centralised server, without a backup. Once the attackers gained access to the server they managed to delete the keys to prevent Cryptopia from being able to access them.

Once again, this hack proves the need for exchanges to ensure they are taking appropriate steps to secure the funds of their customers.