Crypto Exchange COSS Removes 10% of Its Tokens’ Supply From Hackers’ Wallet

A Reddit user who had a large amount of funds on the COSS cryptocurrency exchange has recently revealed he has been hacked for over $860,000. The incident saw hackers take about 10% of the total supply of COSS tokens from his account, which prompted the contract’s owners to deduct the tokens from the hackers’ wallet.

Per the thread on Reddit, the user ‘blockchainified’ found out that on October 14 he was hacked while he was asleep. Once he turned on his laptop, he saw the attacker managed to brute force his way into his account, to steal 14 BTC ($89,500), 22 ETH ($4,400), and 11.7 million COSS tokens ($770,000).

About 19,000 EOS (over $100,000) could’ve also been stolen, although at the time it wasn’t possible to withdraw the cryptocurrency from the exchange. In the thread, the user blames COSS for the incident as at the time it went under maintenance – which the user claimed was an attack.

The user claimed to have been using two-factor authentication (2FA), but that it fell to a brute force attack that saw hackers try to gain access over 25,000 times. The exchange seemingly didn’t lock the account after a few failed attempts.

 Various users on COSS’ Telegram channel questioned the user about the incident. They found out the user has previously claimed to have been hacked on leading cryptocurrency exchange Binance. Although the thread itself has been deleted, an archived version of the post is still accessible. At the time, blockchainified admitted his email account had also been hacked.

COSS’ Reaction

The COSS exchange itself has reacted to the incident. In a Medium post it asked the hacker to return nearly 10 million COSS tokens to an ERC address. If he did that, the post stated, COSS would “not pursue this case any further.”

On Telegram, a user suggested the COSS contract’s token holders use a function that lets them remove funds from the hacker’s wallet. Shortly after, Rune Evensen, the founder of COSS, implied the move had been done, telling the community to “check the Etherdelta wallet,” referring to a decentralized cryptocurrency exchange the hacker was presumably planning on using.

Users on Telegam noticed EtherDelta's address has 0 COSS tokens in it

CryptoGlobe reached out to Rune Evensen to know more about the incident. Evensen noted the team “reacted instantly when the incident was reported,” and added that a thorough investigation took place while the exchange was taken down for “approx. 24hours” to ensure there were no breaches on its end.

He added:

Short-term an incident like this damages the rep[utation] but it also strengthens the site. We have had a very strong support from our community and we have been in direct dialogue with the involved party since the incident.

He further confirmed COSS used a function in the contract to remove the tokens from the hackers’ account.

The Monero Hard Fork – Did it Help GPU Miners?

Monero, the open-source altcoin created to provide fungibility, privacy and decentralization, successfully underwent a hard fork on 9th March, 2019, resulting in a hash rate plummet of over 80% and a purge of ASIC miners from the network. This is the latest development in Monero’s ongoing war against ASICs, which is designed to prevent too much centralisation of mining hash power. But what exactly does it mean for GPU miners?

The War with ASICs

Monero performed its first anti-ASIC hard fork in April 2018 to counter ASIC machines such as the Antminer X3. The Monero Core Team vocalized specific concerns over government manipulation or imposed regulation of the network and has consequently committed further to increasing ASIC resistance, building its strategy on making scheduled hard forks to prohibiting ASICs from engaging with the network.

In deliberately excluding ASIC mining, Monero is committed to CPU and GPU miners, and resisting centralisation. Preventing potential 51% attacks is doubly important for a privacy coin like Monero, and as mining farms grow in size and the number of hash-power-for-hire marketplaces increases, it’s important to remain committed to this path. The recent Ethereum Classic attack in January shows that it is possible to carry out a 51% attack, even on an altcoin with a fairly high market capitalization.   

The one danger is that over time, Monero’s commitment to its six-monthly hard forks may be unsustainable. This is because community consensus becomes increasingly harder to achieve – the last fork spawned four Monero spin-off projects.

 The Implication for GPU Miners

Monero’s introduction of the anti-ASIC Proof of Work protocol saw hash rates plummet by 83%, boosting profitability for GPU miners who typically mine other more profitable coins. However, the hash rate is already beginning to climb, recovering to 313.75 Mh/s from 95 Mh/s.

The drop in hash rate made Monero one of the most profitable coins to mine for a time, but through the laws of supply and demand, the hash rate is already equalizing. The market didn’t rally in response to the hard fork as one might have expected, the sluggish response may be because most mining farms and GPU mining rigs require too much manual effort to change mining algorithms – although software is becoming more sophisticated.

Monero Network Hashrate

Monero’s upgrade has also introduced further security-oriented changes to the dynamic block algorithm to help mitigate potential ‘big bang’ attacks. Sticking to its privacy coin roots, the upgrade further introduced a dummy encrypted payment ID, improving the homogeneity of each transaction.

The latest hard fork is therefore a significant improvement on Monero’s founding principles of privacy, security and decentralisation which should be welcomed. Plus, it’s a boon to GPU miners, and demonstrates that if you’re agile, there’s still money to be made through GPU mining.

Matt Hawkins, CEO at Cudo Ventures

Matt Hawkins is a distributed computing expert and entrepreneur. He founded and sold a data centre business and is now applying his knowledge, network and his enthusiasm for crypto market and technology developments in Cudo Miner. Matt believes decentralised computing is better for the environment, and Cudo’s vision is to help make computing more ethical and sustainable – whether its reducing waste or creating innovative ways to support good causes.