Top 5 Infamous Crypto Exchange Security Failures in 2019

The inception of cryptocurrencies led to the birth of several crypto-related businesses such as crypto exchanges, custody providers, among others.

A crypto exchange platform is one of the many businesses that allow crypto investors to trade a cryptocurrency for other forms of assets, including a different cryptocurrency, conventional fiat currencies, among others.

Among all the businesses that stemmed from the launch of cryptocurrencies, crypto exchanges, majorly referred to as exchanges, have arguably been the most profitable, with significant players in the crypto space venturing into this line of business.

However, despite the huge profit attached to this business, most platforms as in other years failed to impress crypto enthusiasts in terms of securing users’ funds and data since the start of 2019.

In no significant order, Coinfomania takes a look at the top five crypto exchange failures in 2019.

 

1. QuadrigaCX

Country: Canada

Period: January 2019

Amount Lost: $190 million

Trouble started for the then-popular crypto platform after the death of its owner, Gerald Colten, who purportedly held the private keys to the company’s cold storage wallet with investor’s $190 million funds in it.

However, efforts to retrieve the private keys failed, which led the crypto exchange Kraken to reach out to the public to provide information that would help in regaining the wallet’s private keys with a $100,000 reward attached to the offer.

Current Status: After efforts to recover the allegedly lost funds proved abortive, QuadrigaCX executives instituted bankruptcy proceedings with big-four auditor Ernst and Young assigned to monitor proceedings. The long process of liquidating the company’s remaining assets and the lack of funds means that affected users have little to no hope of recovering their crypto assets.

 

2. Cryptopia

Country: New Zealand

Period: January 2019

Amount Lost: $16+ million

Cryptopia users started this year on a sad note after reports surfaced that the New Zealand-based crypto exchange was hacked to the tune of $16 million.

The operators embarked on a temporary shutdown and immediately informed the relevant authorities to investigate the matter.

During the investigation, authorities discovered that some of the stolen funds were sent to the Binance exchange, which, however, led Binance to freeze the affected user account and retrieve some of the money, although this move later became insignificant.

Fifteen days after the first attack was carried out on Cryptopia’s server, the exchange recorded yet another attack from one of the wallet address used in the first attack, thus making matters more complicated for New Zealand’s exchange.

Current Status: Five months after the hack, the exchange operators said they were going out of business, recruiting liquidators Russell Moore and David Ruscoe both from Grant Thornton New Zealand to liquidate the company in order to settle staff, shareholders, and affected users.

 

3. Binance

Country: Malta

Period: May and August 2019

Amount Lost: $40 million

Whenever crypto enthusiasts hear that a crypto exchange is at the receiving end of hackers’ wrath, what comes to mind is that the criminals must have stolen a large volume of crypto assets from the platform.

Well, popular crypto exchange, Binance was at the receiving end of both kinds of attacks this year.

First, it was a security breach in May that led to the loss of 7000BTC (worth $40 million at the time) and then in August, alleged theft of 10,000 KYC selfies from the exchange and demanding 300 BTC, to withhold the photos.

Even though the exchange noted at the time that there was no evidence that the KYC images were obtained from their platform, the exchange went ahead to place a 25 BTC bounty for any user who would provide relevant information on the whereabouts of the hacker.

Current Status: Binance refunded users who lost money to the 7000BTC hack and also resolved the KYC data theft issue without compromising the trust of several million users of the platform.

 

4. Bitpoint 

Country: Japan

Period: July 2019

Amount Lost: $32 million

In early July, Bitpoint reported that its hot wallet reserve was ransacked, with the hacker stealing approximately $32 million worth of cryptocurrencies.

Despite calls made by Japan’s Financial Services Agency (FSA) to the exchange before the attack to improve their internal controls, the exchange neglected the warning and would have to pay the price.

In what could be described as the next line of action for every hacked exchange, Bitpoint halted trading, withdrawal, and deposits services on its platform, to prevent further attack.

Current Status: Bitpoint’s parent company, Remixpoint Inc, waded into the issue to alleviate investors’ plight, by making a promise to compensate investors.

 

5. UpBit

Country: South Korea

Period: November 2019

Amount Lost: $50 million

UpBit found itself in hot waters earlier this week when suspected hackers invaded the exchange’s Ethereum hot wallet storage and made away with a whopping $50 million worth of Ether tokens.

Reacting to the development, the exchange quickly moved to halt withdrawal and deposit services at the time, due to fear of incurring more loss.

Current Status: Upbit promised investors that it would bear the damage from the hack, although this compensation has likely not been issued at the time of writing (two days after the incident)

Conclusion

Crypto exchanges have always suffered from hackers’ wrath over the year, with blockchain forensics company, CipherTrace reporting that cryptocurrency heist and fraud in 2019 reportedly spiked by 150% (appr. $4.4 billion) in the first nine months of the year.

The recurring crypto theft experienced on these platforms has prompted major players in the industry to advise investors not to store their assets on any third-party exchange, as they are vulnerable to hackers.

The right move for investors is to only trade on such platforms, after which the assets should be moved to a wallet. A crypto wallet cannot be hacked unless the owner discloses their private keys to a third-party, meaning that the user assumes full responsibility for safeguarding their assets.

Never miss out on our daily crypto news, stories, tips, and price analysis.  Join us on Twitter | Telegram | Facebook or subscribe to our weekly Newsletter