In reports released today and yesterday, Japanese crypto exchange BITPoint has released details of the 3.02 billion Yen hack that took place earlier in the month.
Investigation by BITPoint Japan (BPJ) has found that the hackers took 2.06 billion Yen of customer assets and 960 million of BPJ assets. All the outflow happened from hot wallets (inter-connected wallets) and involved Bitcoin (BTC), Bitcoin Cash (BCH), Ethereum (ETH), Litecoin (LTC) and Ripple (XRP).
The clarification report released today details the outflow amounts and customer assets for each of these cryptocurrencies. According to the report, the outflowing amounts were 1,225 BTC, 1,985 BCH, 11,169 ETH, 5,108 LTC, and 28,106,343 XRP. The breakdown of the 2.06B Yen is as follows:1.28B Yen BTC, 0.04B Yen BCH, 0.24B Yen ETH, 0.04B Yen LTC, and 0.44B Yen XRP.
BPJ does not yet know about the cause of the hack. The exchange plans on investigating the login track, wallet server, device and operation vulnerability, and illegal outflows. To counter illegal infringement, BPJ will use the services of JVCEA (Japan Virtual Currency Exchange Association). JVCEA will stop an account from depositing and buying cryptocurrencies if it’s suspects that the wallet has received from an illegal address.
BPJ has taken some immediate measures to prevent further damage. It suspects that the hack may have resulted from the hot wallet’s private key being compromised. Based on this suspicion, they have moved all cryptocurrencies they manage to a cold wallet, suspended their services, and asked customers to not transfer their crypto assets to a BJP wallet. If the customers have some assets in their account, then they should keep them in a cold wallet.
Hackers have successfully targeted several crypto exchanges this year. In June, Singapore-based Bitrue lost 9.3 million XRP and 2.5 million ADA. The exchange was able to quickly detect the hot wallet hack and alerted the relevant exchanges of the fraud, resulting in timely freezing of the transactions. In May, hackers withdrew 7000 BTC from one hot wallet managed by Binance. The hackers used multiple accounts, viruses, phishing, and other techniques to collect keys and codes of users.