Cryptopia Hack ‘So Unusual’ Versus Typical Attacks: Elementus Blockchain Analysis

The recent hack and theft of digital assets from the New Zealand-based Cryptopia exchange was unusually widespread and lasted much longer than typical hacks, Max Galka of Elementus.io and his team have determined after conducting an analysis.

Galka is a data scientist, adjunct lecturer at the University of Pennsylvania, and CEO and founder of Elementus, a blockchain analytics outfit.

The investigative research used only Ethereum and ERC-20 token data as evidence, leaving out Bitcoin and the other blockchains involved in the attack. Elementus also posted the raw data used for the research.

The vast majority of stolen ether and ERC-20 tokens - $15 million worth at recent prices - remain unsold in the thieves’ wallets. In total about $16 million worth of ether and ERC-20 tokens were stolen.

Features of the Hack

The upshot of their research is that Cryptopia’s hack was an unusual one, and Elementus outline two features of the attack to support this claim.

First, the scope of the attack was unusually large and comprehensive. Elementus claim that 76,000 wallets were penetrated in the attack, meaning thousands of private keys had to be swiped from somewhere - perhaps a central location of private keys.

Elementus point out that exchange attacks “typically involve the breach of a single wallet, and by the time the theft becomes publicly known, the funds are long gone.”

Second, Elementus describe a glaring “lack of urgency” in how the attack was conducted. They highlight that the attack lasted for more than four days, during which Cryptopia - we assume helplessly - simply watched the ether and ERC-20 tokens be withdrawn.

Elementus emphasize that “there should have been no technical complications preventing Cryptopia from securing the funds.” These features of the attack lead them to generally conclude that “The only plausible explanation for Cryptopia's inaction is that they no longer had access to their own wallets.”

Insider Allegations

Some in the cryptoasset industry and community have speculated that the theft was actually an exit scam. Elementus did not at all entertain this possibility, and they don’t seem to be of the opinion that this was the case - but their analysis of the incident does not necessarily preclude it.

For example, the obvious rejoinder to Elementus’ conclusion - that “The only plausible explanation for Cryptopia's inaction is that they no longer had access to their own wallets” - is that Cryptopia themselves conducted the attack with possession of their own wallets.

But there is absolutely no public evidence, at this time, to support the "inside job" theory.

The New Zealand police, who are investigating the matter, issued a press release yesterday updating the public on their progress. Not much new information was forthcoming, however, with the department writing:

Cryptopia management and staff have been co-operating with Police and providing considerable assistance in the investigation. The investigation is expected to take some time to complete, and the digital forensic team will be on-site at Cryptopia’s premises for some days to come.

New Zealand PD

The New Zealand PD reiterated that the situation remained “very complex,” and implored “Anyone with information which could assist the investigation” to get in touch.

U.S. Government Intervenes in CFTC Case Against Alleged Crypto Fraudster

Michael LaVere
  • The US government has filed to intervene in a lawsuit by the CFTC against Jon Barry Thompson. 
  • Thompson has been charged with commodities fraud and wire fraud, dating back to an alleged 2018 crypto scam involving $7 million.

The U.S. government intends to intervene in a lawsuit by the Commodity Futures Trading Commission (CFTC) against alleged crypto fraudster Jon Barry Thompson. 

According to a report by Finance Magnates, the intervention was made public on Nov. 19, following the government’s filing of a set of documents with the New York Southern District court. Thompson, who has been accused of operating a bitcoin scam and charged with commodities and wire fraud, is in the midst of a lawsuit by the CFTC.

According to the filing, the government’s intervention into the CFTC lawsuit is to prevent interference with a parallel case involving Thompson, United States v. Jon Barry Thompson, 19 Cr. 698. 

The filing states, 

If this case were to proceed, there would be a risk of significant interference with the Criminal Case.

It continues, 

A complete stay would prejudice no party to this civil action; would prevent the circumvention of important statutory limitations on criminal discovery and avoid asymmetrical discovery, and would preserve the Court’s resources because many of the issues presented by the civil action will be resolved in the Criminal Case.

In 2018, Thompson allegedly induced two victims to send “roughly $7 million” to fund the false purchase of bitcoin through his companies Volantis Escrow Platform LLC and Volantis Market Making LLC. 
