Hackers steal Bitcoin funds from Bithumb exchange traders, one of the five largest in the world

One of the world’s largest cyber-currency exchanges is under investigation after it acknowledged that one of its employee’s PCs had been hacked. South Korea-based Bithumb has said that it believes personal details of roughly 32,000 of its customers were stolen as a result – three per cent of the exchange’s user base. It appears the data was subsequently used to fool users into letting thieves steal funds from their accounts. The website is a pretty big deal: it handled two trillion won ($1.7bn) in Bitcoin transactions in 2016.

These stolen personal details were used to drain some people’s online digital wallets, with one person losing the equivalent of 10 million won ($8,600) in seconds, the Kyunghyang Shinmun reported this week. Apparently, the crooks phoned Bitcoin holders pretending to be Bithumb bosses, and convinced some of their marks to hand over one-time passwords granting access to their money stores.

Bithumb has promised compensation. But the Korea Internet and Security Agency, a local government-empowered watchdog, has launched an inquiry into the matter, according to the Yonhap news agency.

Scam calls
Bithumb allows its members to buy and sell the virtual currencies Bitcoin and Ethereum. It is South Korea’s biggest cryptocurrency exchange, based on recent trading volumes, and one of the five largest in the world.

The breach is reported to have occurred in February, and is said to have involved an employee’s home PC rather than computer servers at the firm’s headquarters. Bithumb is reported to have discovered the breach only on 29 June and reported it to the authorities the next day.

Although a notice posted to the company’s site said the leaked data did not contain passwords, dozens of customers have reported receiving follow-up scam calls and texts in June that persuaded them to share their accounts’ authentication codes.

Bithumb has promised initially to cover losses of up to 100,000 won ($86; £67) per customer, and to add to this once it has been able to verify individual losses. But it is unclear whether victims will be compensated in full. An unverified local report said one member claimed to have lost 1.2bn won ($1.04m; £806,000).

Security – employees the weakest link

David Kennerley, director of threat research at Webroot, said the hack on Bithumb shows that employees can still be an organization’s weakest link when it comes to security.

„The fact that access appears to have been initiated by initially compromising an employee’s personal PC is a very worrying development – highlighting huge failings on so many levels, from an employee education and training standpoint, all the way to administrative and technical controls, to monitoring and enforcement,” said Kennerley.

Pete Banham, cyber resilience expert at Mimecast, added that firms need to revise their security policies to accommodate the introduction of bring-your-own-device (BYOD) – particular computers that are also used at home.

„This cryptocurrency heist is a prime example of why firms need to think about the sensitive information employees have access to in a remote working world,” Banham advised. „Assume home PCs are or will be compromised when designing your data protection strategy.

At present, virtual currencies are not regulated by South Korea’s financial authorities and efforts to address the matter have made little progress.

Source: BBC