Bithumb Hacked: Bitcoin, Ethereum Stolen From Popular Cryptocurrency Exchange

Bithumb—one of the largest cryptocurrency exchanges in the world—was hacked, resulting in the theft of more than $1 million worth of Bitcoin and Ethereum from thousands of accounts on the platform.

The South Korean exchange—the fourth largest for Bitcoin and largest in the world for Ethereum—was compromised last week after a hacker gained access to the PC belonging to an exchange employee.

Read: From Online Payments To Bitcoin: The Evolution Of Cryptocurrency

The initial breach appears to have taken place last week, which resulted in Bithumb informing the Korea Internet and Security Agency (KISA) of the apparent hack. 32,000 customers in total were compromised in the security lapse—about three percent of the exchange’s total userbase.

While Bithumb copped to the hack, admitting that an employee’s machine was compromised, and reported personal information including phone numbers and email addresses associated with users were leaked.

However, the exchange said passwords were not stolen or published and no funds stored on the exchange were accessed directly. Its operators also claimed that the internal networks, its servers and digital currency wallets were not compromised.

"The employee PC, not the head office server, was hacked,” the company said in a statement. “Personal information such as mobile phone and email address of some users were leaked. However, some customers were found to have been stolen from because of the disposable password used in electronic financial transactions.”

Despite this claim, users of the exchange have noted their accounts have been stolen from, including one victim who reported nearly $9,000 worth of cryptocurrency taken from his account. Another user claims to have had more than $1 million stolen from his accounts alone.

Read: AlphaBay Offline: Dark Web Market May Have Disappeared In Bitcoin-Stealing Exit Scheme

Estimates thus far suggest the total amount stolen from users on Bithumb is around $1 million—a massive loss for South Korea’s largest cryptocurrency exchange.

While it’s based in South Korea, Bithumb has a worldwide presence. It accounts for 20 percent of trades involving Ethereum globally and 10 percent of the global bitcoin trade.

The disparity in the stolen funds and the exchange’s claim that no funds were accessed as the result of a hack may appear suspicious, but there is an explanation. It appears that attackers may have gained access to account credentials through phishing efforts in which they called users of the exchange and posed as representatives of Bithumb.

On the call, the attackers would ask for a user’s one-time password, which grants temporary access to the account. If the victim of the call provided that password, the caller could gain immediate access to the target’s funds.

It is unclear if the phishing calls were related to the leaked credentials stolen from the Bithumb employee’s account.

The exchange posted notice on its website informing users that it would provide compensation for cases of leaked personal information, offering to pay up to 100,000 won (about $870) per person. Additional compensation for reported thefts have not yet been determined.

Users of the exchange are reportedly organizing to file a class-action lawsuit against Bithumb.

Newsweek’s Structure Security conference on Sept. 26-27 in San Francisco will highlight the best practices that security professionals are using to protect some of the world's largest companies and institutions, join us for two days of talks, workshops and networking sessions with key industry players - register now.