Bithumb Hacked Again: Over 3 Million EOS Transferred Out From Exchange’s Hot Wallet

According to early reports from security researchers, South Korean cryptocurrency exchange Bithumb has suffered a major attack that started on Friday (March 29) around 01:40 UTC. (This is the second major attack on Bithumb, with the first one occurring in June 2018, when the exchange lost $30 million in crypto.)

One of the first people to report the news of the attack on Bithumb was Dovey Wan, a founding partner at Primitive Ventures:

According to Dovey's Twitter thread and information we have gathered from other sources, here is what seems to have happened so far (all time information is in UTC):

  • The attack started on March 29 at 01:40 with the hacker creating EOS wallet "ifguz3chmamg”.
  • Between 13:16 and 15:35 on March 29, 3,132,672 EOS were transferred from wallet address “g4ydomrxhege” (which belongs to Bithumb) to wallet address “ifguz3chmamg” (which belongs to the hacker) in 16 transfers.
  • Around 15:21 on March 29, the hacker started transferring the stolen EOS to various other crypto exchanges (including Huobi, HitBTC, and Changelly). 
  • Around 16:08 on March 29, Bithumb started transferring the remaining balance at wallet address “g4ydomrxhege” to its cold wallet (“bithumbshiny"), a process that is still ongoing at the time of writing (08:42 on March 30).

Here are some more updates from Dovey regarding the stolen EOS:

And here is Binance CEO Changpeng Zhao ("CZ") providing some further information on the whereabouts of the stolen EOS:

CZ also confirmed that so far none of the stolen EOS has made its way to Binance:

Also, it seems that over 20 million XRP tokens were stolen as well:

This is the latest tweet (sent out at 04:28 UTC on March 30) from Bithumb's account:

According to the latest notice posted on Bithumb's website, it seems that the exchange thinks that this was an inside job, it has allerted the authorities, and is working on recovering the stolen funds. 

As the story develops, we will update this article...

$86 Million: Blockchain Game Startup Founder Arrested After Defrauding Investors

Francisco Memoria

The founder of a Dutch blockchain game startup has been arrested after reportedly defrauding investors, suppliers and employees.

The firm, Komodore64, was supposedly tracking the sales of in-game collectibles using the Komodo blockchain in games it developed. Since its launch in March of this year it claimed to have raised over €78 million (around $86 million) from private investors, including Goldman Sachs.

The Next Web reports the firm also raised funds through its cryptocurrency K64, with one investor saying they sent the firm $662,000. Soon, however, reports surfaced showing it failed to pay suppliers and employees. Komodore64 is even said to have even held a lavish launch party that cost thousands of euros, but never paid for the event itself.

Its founder, reported to be Sam Narain, allegedly defrauded investors by posing with a group acting as representatives from Goldman Sachs, to draw in more investors. Narain is said to have been arrested while staying at the Hilton hotel in The Hague, where he was staying to avoid “angry crypto investors.”

Narain’s arrest and connection to Komodore64 is reportedly yet to be confirmed, although previous reports seem to show he is indeed the person behind the blockchain game startup.

Featured image via Pixabay.