Cryptopia Hack ‘So Unusual’ Versus Typical Attacks: Elementus Blockchain Analysis

The recent hack and theft of digital assets from the New Zealand-based Cryptopia exchange was unusually widespread and lasted much longer than typical hacks, Max Galka of and his team have determined after conducting an analysis.

Galka is a data scientist, adjunct lecturer at the University of Pennsylvania, and CEO and founder of Elementus, a blockchain analytics outfit.

The investigative research only used Ethereum and ERC-20 tokens as evidence, with the researchers leaving out Bitcoin’s and other blockchains involved in the attack. Elementus also posted the raw data that they used for their research.

The vast majority of stolen ether and ERC-20 tokens - $15 million worth at recent prices - remain unsold in the thieves’ wallets. In total about $16 million worth of ether and ERC-20 tokens were stolen.

Features of the Hack

The upshot of their research is that Cryptopia’s hack was an unusual one, and Elementus outline two features of the attack to support this claim.

First, the scope of the attack was unusually large and comprehensive. Elementus claim that 76,000 wallets were penetrated in the attack, meaning thousands of private keys had to be swiped from somewhere - perhaps a central location of private keys.

Elementus point out that exchange attacks “typically involve the breach of a single wallet, and by the time the theft becomes publicly known, the funds are long gone.”

Second, Elementus describe a glaring “lack of urgency” in how the attack was conducted. They highlight that the attack lasted for more than four days, during which Cryptopia - we assume helplessly - simply watched the ether and ERC-20 tokens be withdrawn.

Elementus emphasize that “there should have been no technical complications preventing Cryptopia from securing the funds.” These features of the attack lead them to generally conclude that “The only plausible explanation for Cryptopia's inaction is that they no longer had access to their own wallets.”

Insider Allegations

Some in the cryptoasset industry and community have speculated that the theft was actually an exit scam. Elementus did not at all entertain this possibility, and they don’t seem to be of the opinion that this was the case - but their analysis of the incident does not necessarily preclude it.

For example, the obvious rejoinder to Elementus’ conclusion - that “The only plausible explanation for Cryptopia's inaction is that they no longer had access to their own wallets” - is that Cryptopia themselves conducted the attack with possession of their own wallets.

But there is absolutely no public evidence, at this time, to support the "inside job" theory.

The New Zealand police, who are investigating the matter, issued a press release yesterday updating the public on their progress. Not much new information was forthcoming, however, with the department writing:

Cryptopia management and staff have been co-operating with Police and providing considerable assistance in the investigation. The investigation is expected to take some time to complete, and the digital forensic team will be on-site at Cryptopia’s premises for some days to come.

New Zealand PD

The New Zealand PD reiterated that the situation remained “very complex,” and implored “Anyone with information which could assist the investigation” to get in touch here.

Bitcoin Investors Reportedly Lose Millions in South African Exit Scam

Michael LaVere
  • VaultAge Solutions CEO Willie Breedt is being accused of making off with millions in investor bitcoin.
  • Breedt allegedly fled the country for Mozambique and has not communicated with investors since December 2019. 

South African cryptocurrency investors are accusing the CEO of VaultAge Solutions of stealing millions in crypto before going on the run. 

According to a report by AllAfrica, Willie Breedt, the CEO of cryptocurrency investment firm VaultAge Solutions, is presumed to be on the run after not making public communications since December 2019. The report claims Breedt was speculated to be staying near the town of Jeffrey’s Bay and that his whereabouts where being looked into by the country’s criminal investigation unit. 

However, South Africans who invested cryptocurrency with the now-defunct firm fear the CEO may have fled the country for Mozambique. 

Breedt is accused of stealing millions from bitcoin investors. The report claims VaultAge Solutions is not registered as a legitimate financial institution with the Financial Services Conduct Authority (FSCA), despite having more than 2000 investors. 

The report quoted investor Lettie Engelbrecht from Krugersdrop, 

We are pensioners and invested R200 000. From December until April, we received payments on the growth of our investment. Since then, we never got any money. We are desperate and living on a shoestring budget.

One South African investor reportedly had deposited more than R6 million ($342,000) with Breedt’s company. 

Breedt delivered a written reply to local outlet News24, explaining, 

I am busy attending to the commitments I have made to members. The commitment is to have all the initial capital paid back by 31 May.

Colonel Katlego Mogale of the Directorate for Priority Crime Investigation (DPCI) said authorities are investigating the case but cannot reveal any more information “at this stage.”

Featured Image Credit: Photo via