Personal information on 30,000 customers of Bitthumb, billed as South Korea's largest cybercurrency exchange, were likely exposed in a recent hack of an employee's PC and used to trick customers and pilfer their funds.
“The last few weeks were dramatic for cryptocurrency and its traders with the market volatility providing an opportunity for both honest investors and criminals,” Ben Herzberg, security group research manager at Imperva, said in comments to SC Media. “This is due to surges in demand for Bitcoin bringing it to over 2.7K USD, which has now stabilized to around $2.5K USD. Other cryptocurrencies like Ethereum have spiked from almost nothing to $400 in a very short time, and are now around $270.”
This latest incident has prompted an investigation by the Korea Internet & Security Agency, which was alerted by Bitthumb on June 30, a day after discovering the alleged breach, that an employee's home computer had been compromised, the Yonhap News Agency reported an agency official as saying.
“In this case, according to Bithumb, the breach itself was on data stored outside of the company's assets on a personal computer. This also brings the question of data security in companies and the ability of employees to take sensitive information with them when they're at home,” said Herzberg. “Part of this is due to the rapidly changing work environment where employees gets more remote access to company resources, which poses a challenge to IT security departments.”
According to a notice posted by Bitthumb, passwords were not leaked although reports said many customers claimed to have received calls and texts which extracted or attempted to extract authentication codes from them, the news agency said.
“Attackers can make a lot of money when attacking crypto exchanges, due to some factors like the anonymity of the cryptocurrencies, hence the ability to dispose of the stolen goods with limited risk, and also by speculating on market prices, especially in specific exchangers or markets, and causing dramatic changes. In many cases this is done by Denial of Service attacks, which are hugely popular against cryptocurrency exchanges,” Herzberg explained.
Reports of the Bitthumb breach come just as Park Yong-jin, a lawmaker from the Minjoo Democratic Party, said he'd introduce a trio of legislative revisions in July to create a regulatory framework for digital currencies, the Korea Herald said.