Here we go again, another hack! This time, they're reporting a loss of 3.5 billion yen, which is around $32 million. Just adds to the pile, especially considering Ciphertrace's estimate of $1.2 billion stolen in Q1 alone.
Bitpoint mentioned they noticed some "fraudulent outflows of virtual currency" from their hot wallets.
So what’s the plan from here?
We're almost at the end of Q2 2019 and as expected, the numbers would keep adding and adding and the hacks would also rise and rise. Also upon reading the article, apparently the problem is within the platform's own premises, and this was also noticed by the Japanese Financial Services Agency that issued them an operational improvement order just last year.
I guess this is just an open vault waiting to be grabbed by hackers knowing that the said platform isn't really that secure as deemed by a government agency. Oh well, that's another hack to add for the statistics.
Although it is believed that the cryptocurrency is well protected and safe to use, and for this indicator it is much better than paper money, we see that this statement is very exaggerated. This we only hear about hacking exchanges for large sums. And how many hack just wallets of individual users? No one knows these numbers.
Exchanges have big targets on their back. The potential booty to be stolen by hackers is much larger than targeting individual users. With basic security precautions -- particularly offline signing or hardware wallet usage -- individual users can transact with a very high degree of security.
First coincheck and now bitpoint! As per a report by Ciphertrace, total 520 million USD worth of bitcoin has been stolen in Japan alone, it will go over few billions if worldwide exchanges are conaidered!
I am sure Bitpoint didn't have any insurance or any emergency funds like SAFU of Binance and the end user will suffer big time! Sad news but at the same time an eye opener for this industry to re-think their security measures! I think Japan must incorporate the idea of an emergency fund for each and every licensed exchanges!
Lol even Japan's Financial Services Agency knew they were vulnerable. I wonder how much improvement was done following the directive? They must have done something to lift the order after all.
But yeah, it's crazy how often this happens, and even amidst tight regulation at that. They're at least they're promising to return customer funds I guess.
Bitpoint Reveals Amounts Stolen, Pledging to Reimburse Users in Crypto
https://cointelegraph.com/news/bitpoint-reveals-amounts-stolen-pledging-to-reimburse-users-in-crypto
-1,225 Bitcoin (BTC) worth ¥15.3 billion ¥1.28 billion belonging to customers and ¥250 million to the firm;
-1,985 Bitcoin Cash (BCH) worth ¥70 million ¥40 million (customers) and ¥0.2 billion (firm);
-11,169 Ether (ETH) worth ¥330 million ¥240 million (customers) and ¥0.8 billion (firm);
-5,108 Litecoin (LTC) ¥0.5 billion, of which ¥40 million (customers) and ¥0.0 billion (firm); 28,106,323 XRP ¥10.02 billion, of which ¥2.6 billion (customers) and ¥960 million (firm).
"Bitpoint has moreover revealed its plans to compensate customers in cryptocurrencies rather than in their equivalent fiat value.
The exchange reiterates its belief that the breach occurred due to unauthorized access to the private keys of its hot wallets, and that it now plans to move all holdings into cold storage."
Personally, I do not trust any report about crypto exchange hacking, especially as the ratio increases with the price rise.
If developers are bound by regulations, I am sure that most of the hacking will be ended due most of them because of greed from manager or greed of some employees.
For users, hacking the platform means losing their money and thus free money to developers.
They have to develop their systems or promise to refund the money.
Every year we see these sort of hacks and it is time the community has to take some actions to stop these kind of losses that are forced upon its end users while the exchange gets scot free and from what i have seen from these hacks only Binance did not settle their loss from their customers and it was a good sign from what we have seen in the past and only legalization of exchanges and having a security deposit in order to run an exchange could sort these issues.
I wonder how they were able to arrive at this figure, because it does seem like a heck of a lot for one quarter. Are they encompassing all the BTC lost due to fraudulent investments as well (like HYIPs), or are they only accounting for actual hacks and breaches?
But hey, at least only their hot wallets seems to be affected.
But why $32 million in their hot wallet? That's 3200+ BTC, which has absolutely no business in staying in an online wallet - and any exchange owner with common sense should know this. They SHOULD be liable for these damages, at least partially, since it is a clear neglection of common security protocol.
What do you mean? It's obvious how the owner can profit from reporting fake losses. Theoretically he can take the funds and run, while the rest of the world thinks that it's gone to a hacker.
This is some news that is depressing to see happening and the rate at which crypto backed exchanges being hacked just continue to cast doubt on the integrity of the entire market because it means that it is not safe to the ordinary man on the street to invest because his investment is not safe and can be eroded within minutes with no hope of coming back and with the people likely responsible for the vulnerability not held accountable for such action.
It's really hard to combat those cyber criminals. On our part we always preach not to put everything in an exchange so that you won't lose big amounts of money. On the exchange part, they should always stay up-to-date regarding cyber security and the people they're going to hire should be competent as well. They should also have like a warning or some sort of flags is anything suspicious is going on. I'm sure this point in time, Japanese regulators will have their hands full again after the reported hack and another lessons to be learnt here.
I really do hope more people and exchanges take compliance seriously. Especially with proper AML compliant companies like ciphertrace who have the technology they need