South Korean cryptocurrency exchange Coinrail targeted by “cyber intrusion”

Following an attack on South Korean cryptocurrency exchange Coinrail, cryptocurrency prices have dropped sharply, including a 10% drop in the value of bitcoin.

The exchange, one of the world’s top 100 crypto exchanges by trading volume, confirmed via Twitter and on its website that it had been the victim of a “cyber intrusion” on Sunday, resulting in the loss of almost one third of the coins traded on the exchanges. Though the value of the loss wasn’t disclosed, industry analysts quoted in Yonhap News estimated that about 40 billion won (£27.8m) worth of virtual coins had been stolen, including 21 billion won worth of Pundi X and 14.9 billion won worth of Aston.

The attack remains under investigation, with a police spokesperson saying that the access history of Coinrail servers had been secured and were in the process of being analysed. The police are attempting to discover whether the leakage was caused by hacking or by computer network problems. According to the Korea Internet & Security Agency (KISA), determining the cause may take around a month.

According to a statement by Coinrail, “70% of total coin and token reserves have been confirmed to be safely stored and moved to a cold wallet [not connected to the internet]. Two-thirds of stolen cryptocurrencies were withdrawn or frozen in partnership with related exchanges and coin companies. For the rest, we are looking into it with an investigative agency, related exchanges and coin developers.”

The drop in the value of bitcoin and other cryptocurrencies has been attributed by many to this incident, which emphasises the vulnerability of cryptocurrency exchanges,  as well as the blockchains on which the currencies themselves run, to attack. Others argue that the timing is coincidence, but the need for increased security and regulation in this area is evident.

Cryptocurrency has been a major target for attackers. The past twelve months have seen $64 million in bitcoin stolen from NiceHash, $31 million stolen from Tether, and more than $500 million from CoinCheck. South Korea is one of the world’s major cryptocurrency trading centres, and as such represents a particularly tempting target, as demonstrated by the case of another South Korean exchange, Youbit, which filed for bankruptcy in December 2017 following multiple hacks.

Standards have been improving – 14 major South Korean cryptocurrency exchanges adopted measures aimed at better protecting users earlier this year, including restrictions on creating more than one account. Coinrail, as a relatively minor exchange, wasn’t among them. KISA also pointed out that only four of the country’s largest exchanges – among which Coinrail, again, was not included – are currently subject to the Information Security Management System certification (ISMS) requirement, which certifies protection of personal information at companies with average daily visitor of over 1 million.

“(Coinrail) is a minor player in the market and I can see how such small exchanges with lower standards on security level can be exposed to more risks,” said Kim Jin-Hwa, a representative at Korea Blockchain Industry Association.

There’s a tendency for smaller exchanges and companies to think that they’re too small for a hacker to bother with. This attack and others like it go to show how wrong those assumptions are – and the high cost of making them.

Researcher, writer, recovering medievalist. Currently particularly interested in the cybersecurity solutions market, cyber insurance/risk modelling, and IoT security.

Related posts

Your thoughts