Cryptopia Hack was more serious than first assessments. What now?

Contrary to many reports that described the Cryptopia hack, things are looking actually a lot worse. The exchange was originally reported to have lost a little over $2.5 million in Ethereum and ERC-20 tokens. By recently uncovered information, the stolen cryptocurrencies actually amount to nearly $16 million. The Blockchain analysis platform Elementus, reached this conclusion by analyzing the Ethereum Blockchain with the Elementus query engine.

But the truth may be even worse than the nearly 8-time increase from the originally reported theft. The now known $16 million number only counts for the Ether and ERC-20 tokens. This means the possibility of more funds being stolen during the attack is very likely. Elementus also mentions that the hack created a difficult approach to analysis from security points of view. This is largely because the examination of how the attack occurred raised many questions.

The Cryptopia hack is far worse than originaly thought

Elementus’s analysis shows that the hackers managed to move $16 002 108 worth of Ethereum tokens over the course of 5 whole days. The largest three currencies moved were, $3 570 124 worth of Ether, $2 446 212 worth of Dentacoin and $1 148 144 worth of Centrality.

After moving out all the funds from the exchange, the hackers quickly started transferring them to other exchanges. This was done in small pieces for a grand cash out total of $882 632. There is however, a very alarming fact about the hack on Cryptopia.

Other high profile crypto exchange hacks usually arise from a vulnerability in the platform’s smart contract code. This allows the attackers back door entrance to the exchange. The hack on Cryptopia however, directly attacked more than 76 000 user wallets. This essentially means that the hackers did not exploit a single point of weakness in the platform’s smart contract. They somehow directly managed to acquire thounsands of private user keys from the exchange’s database.

Another big alarm is that usually when a hack happens, it’s a race against time. Even the most successful hacks often have to quickly make the most of what they got their hands on. In the case of Cryptopia’s hack however, the attackers appeared unusually relaxed and methodically extracted the funds throughout the course of 5 days. Elementus says what’s shocking is that Cryptopia became aware of the hack less than 24 hours after it was discovered. Even though the exchange knew, there were absolutely no actions taken to prevent further damage.

This is alarming news not only for Cryptopia, but for the whole Crypto world in general. By getting away with this type of attacks, the hackers damage the industry’s credibility very seriously. There are currently ongoing investigations about insider knowledge which could have been used to help the attackers.

Read more:

• After Hackers stole Cryptopia’s funds, Changpeng Zhao was criticized for advising storage on Exchanges
• Was Ethereum Classic hit with a 51% attack and should you worry? 
• The Russian Prime Minister, Dmitry Medvedev: We should pay more attention to Crypto!
• Authorities are freezing assets of all involved in the biggest scam in Crypto history – Bitconnect