South Korean Gov’t Investigating Bithumb Security Breach, World’s Largest Cryptocurrency Exchange
Local news publications and leading media outlets in South Korea have reported that Bithumb, the world’s largest cryptocurrency exchange by trading volume, suffered a security breach that affected 30,000 users on the trading platform.
Seoul Central Prosecutor’s Office for Advanced Criminal Investigation has announced that it had taken over the case and is currently in progress of analyzing the hacking attack and linking traces back to the anonymous hacking group that successfully breached into the emails of Bithumb employees and eventually gained control over the system.
According to reports, funds of Bithumb users were not stolen during the hacking attack. But, sensitive personal and financial information of at least 30,000 users has been leaked.
The Seoul Central Prosecutor’s Office for Advanced Criminal Investigation led by supervisor inspector Shin Bongsu, revealed that hackers targeted Bithumb employees with phishing emails, sending malware to the computers used by employees within the Bithumb headquarters. By using the emails of employees, the hackers were able to extract personal information of over 30,000 users.
The Seoul Metropolitan Police Agency’s Department of Cybercrime, told reporters that several Bithumb users notified the agency of suspicious transactions and bank account activities. Some users claimed that the personal information that was leaked during the security breach involved banking information, which allowed hackers to withdraw money from the bank accounts of Bithumb users.
In the next few days, Bithumb will collaborate with government agencies and the South Korean police to investigate the security breach, and implement necessary security measures to prevent such attacks in the future.
In June, Bithumb suffered a similar security breach at a larger scale, which led to the loss of $1 million in cryptocurrency funds including Bitcoin and Ethereum, and the theft of user data. At the time, Bithumb compensated each user that was affected by the hack, crediting each account with $100 in compensation. In total, the Bithumb team compensated $1 million to the users that had their personal data stolen, and another $1 million to the users that have had lost their funds during the hacking attack.
As the largest Bitcoin and cryptocurrency exchange in the world and South Korea, Bithumb has consistently been the target of North Korean hackers. In September, FireEye, a cybersecurity firm, revealed that that North Korean hackers have been targeting South Korean Bitcoin exchanges such as Yapizon through sophisticated attacks including spear phishing.
“In 2016 we began observing actors we believe to be North Korean utilizing their intrusion capabilities to conduct cyber crime, targeting banks and the global financial system. This marked a departure from previously observed activity of North Korean actors employing cyber espionage for traditional nation state activities,” stated FireEye researchers.
But, given the exponential growth rate of Bitcoin and the cryptocurrency market, FireEye researchers noted that the interest of the North Korean government towards the market was somewhat expected.
“Add to that the ties between North Korean operators and a watering hole compromise of a bitcoin news site in 2016, as well as at least one instance of usage of a surreptitious cryptocurrency miner, and we begin to see a picture of North Korean interest in cryptocurrencies, an asset class in which bitcoin alone has increased over 400% since the beginning of this year,” the report added.
The Seoul Central Prosecutor’s Office for Advanced Criminal Investigation as well as the Seoul Central Prosecutor’s Office for Advanced Criminal Investigation are focusing on the involvement of North Korean hackers in the recent Bithumb security breach.