According to the assessments by Elementus company, in the recent cyber-attack to the Cryptopia cryptocurrency trade center in New Zealand, about $16 million’s worth of different kinds of assets, especially Ethereum and ERC20 tokens, has been stolen. Findings and analyses by Elementus were published a week after public report about the security breach in Cryptopia.
On January 13, the inventory of a number of Cryptopia wallets was emptied out. This emptying out continued for some time and custodians of the organization suspended all trades the next day stating the maintenance services of cryptocurrencies as the reason. On January 15, Cryptopia reasoned it as a security breach. New Zealand legal authorities will step in to investigate the incident. Until January 17, all the inventory of Cryptopia was emptied out.
In recent days, hackers changed the stolen assets to cash through cryptocurrency exchanges. Among the exchanges wherein the most amount of changing took place are Bibox, Binance, Huobi, and HitBTC. About $15 million of the stolen assets remain under the control of hackers in two wallets. Elementus has announced that it had these two wallets under surveillance, and would report its activities.
More than 76 thousand wallets were attacked in this incident. This indicates that thieves had gained access to thousands of private keys belonging to these wallets.
It seems that, in this incident, hackers had no urgency to steal, and stole the assets of Cryptopia during five days. Even though Cryptopia found out the existence of this security breach, it was not able to take the needed steps to prevent this incident, and the pullout of assets from its wallets continued. The only acceptable explanation for the inaction of Cryptopia in this incident is the lack of access to its wallets.
It seems that Cryptopia had stored all its private keys in one server, and hackers gained access to all the private keys through this server before Cryptopia was able to erase the server.
Despite this incident, around two thousand wallets from Cryptopia have an inventory equal to 380 Ethereums (approximately $46000). It seems that users of these wallets were not aware of this incident and Cryptopia’s security breach and still use their wallets. Elementus have published a list of all vulnerable wallets.
On January 17, the CEO of Binance trade center declared on twitter that it has blocked a portion of stolen tokens transferred to this organization. The transparency of Blockchain allows monitoring of trades conducted with stolen assets. Therefore, any trade center that is sensitive to such incidents can block them. By providing an alert system for trades conducted using stolen assets, Elementus has encouraged trade centers to block these illicit trades.