A Huobi User Claims 140,000 Yuan Worth of Bitcoin Was Stolen from the Crypto Exchange, Who is to Blame?
A Chinese cryptocurrency investor has recently come out slamming the leading crypto exchange Huobi for its internal vulnerability he believes causing his loss of 5.4 bitcoins in a post on the 8btc forum, a major Chinese crypto community. But Huobi denied responsibility for what had happened.
The 8btc forum user, identified by his surname Ding, claimed in a post that his Huobi account that contained more than 140,000 yuan worth of cryptos was hacked on Jan.13. He received text messages from the exchange at the time notifying him of someone setting up 2 factor authentication using google authenticator(GA) for his account, but in fact, the newbie trader had not bond GA and his email address before.
Mr. Ding tried to log in to his Huobi account but failed. In no time he turned to the support of the exchange and informed about the incident. Huobi’s customer service rep told him the trader logged into his account with a new IP address, and had already converted his altcoins to 5.4 bitcoins and cleared out the account assets before the exchange frozen the account.
Who’s to Blame?
Mr. Ding insisted Huobi should bear the responsibility for the accident if its weak security measures allowed the hacker to accomplish the attack as he himself had not lost the mobile phone, and never clicked the unknown link which might be linked directly to the phishing site.
“I just want to get my money back. I will not blame anyone for my own misoperation. The exchange cannot leave me alone behind when my cryptos have been stolen for no reason,” the man complaint.
However, Huobi refuses to compensate for the loss now, saying in a statement released on the 8btc forum on Jan.21 that the exchange itself which has not suffered hacker attack recently is secure, and its operations comply with verification requirements. Huobi indicated the incident was caused by Mr.Deng visiting a phishing site. The exchange advised him to call the police and they would assist in the police investigation.
Yet it is not the police matter. Local law enforcement officers told him it was difficult to track stolen funds with only a public key, and suggested he get back to the exchange.
Huobi’s response and attitude annoyed Mr. Ding, and he turned to 8btc forum for help. His post, which has been viewed over 44,502 times with 640 comments, ignited a hot debate in the Chinese crypto community.
Another 8btc forum user soon found the victim’s account was quite vulnerable because he did not bind GA and his email address. Mr. Ding admitted that “ I really don’t know about this”.
Allegedly, a Chinese security firm said it was attributable to the victim’s text messages hijacked by pseudo base stations. The firm offered Mr. Ding a “preliminary judgment” , saying hackers might intercept his account after his personal details were disclosed and two-factor authentication codes sent via SMS were intercepted. The firm claimed it was not easy to recover the loss if the hacker transferred bitcoins to a wallet.
Mr. Ding has pinpointed the attacker’s alleged bitcoin wallet addresses —p1H2HJsPRFMnrUYZJjtnuiL6wmmz3f2NGkv, and 5.4 bitcoins are still there.