An internet watchdog in South Korea is probing a cyberattack against Bithumb, one of the country's dominant cryptocurrency exchanges, after data relating to more than 30,000 users was exposed and more than a billion won, the local currency, allegedly drained from accounts.
The state-run Korea Internet and Security Agency (KISA) was first contacted by Bithumb on 30 June to report that personal data had leaked from its systems after an employee's home PC was hacked. The firm claimed the number of impacted customers was roughly 3% of its userbase.
In a series of blog updates on its website, Bithumb claimed no passwords were stolen. However, it confirmed that compromised data included names, mobile phone numbers and email addresses.
At the time of writing, no hacking group has come forward to claim credit for the digital heist.
On 3 July, officials from KISA reported that Bithumb customers' personal information was leaked and said that prosecutors had "launched a probe into the case and will release investigation results in a few days." Reports first emerged from local media, including state outlet Yonhap.
"The employee PC, not the head office server, was hacked," Bithumb said in one update.
"Personal information such as mobile phone and email address[es] of some users were leaked. However, some customers were found to have been stolen from because of the disposable password used in electronic financial transactions," it added.
The hackers reportedly used 'voice phishing' (vishing) tactics to gain full entry to accounts. This is when a culprit contacts a victim directly, posing as a company executive, in an attempt to access sensitive information – often usernames, passwords or security codes.
In this case, one victim told cryptocurrency outlet BraveNewCoin that an attacker "posed as an executive at Bithumb" via a phonecall to claim the firm found suspicious foreign activity on an account. The target eventually handed over a slew of key account information.
One hijacked number, according to BraveNewCoin, was the victim's One-Time Password (OTP). In this instance, the hacker allegedly accessed ten million won, the equivalent of roughly £6,740 ($8,700). The outlet estimated that "hundreds of millions of won" had been stolen so far.
The complete amount lost to the hackers is yet to be verified.
One user claimed to have had 1.2 billion won (£806,000, $1,040,136) stolen. Tech website Motherboard pointed towards Naver, South Korea's version of Reddit, which featured updates from furious Bithumb members complaining about losing digital currency after the cyberattack.
One alleged victim there claimed 7,100,000 won (£4,770, $6,000) was drained from an account.
Compensation offers to victims
In the wake of the incident, the administrators of Bithumb have pledged to offer compensation to those impacted, of up to 100,000 won per person. It is still probing the scope of the alleged hack.
According to BraveNewCoin, Bithumb is the largest bitcoin and Ethereum exchange in South Korea, and one of the five largest bitcoin exchanges in the world. It estimated that it hosts more than "13,000 bitcoins worth of trading volume" every day, or roughly 10% of global trade.
It is currently one of the biggest ethereum exchanges in the country by volume, reportedly accounting for more than 44% of South Korea's overall trading in that form of currency alone.
In 2017, the worth of bitcoin spiked and at one point a single bitcoin was worth more than an ounce of gold. It is decentralised online money built upon the foundation of the blockchain, a distributed ledger technology (DLT). It remains turbulent – but remains an attractive investment to many.
It is, by nature, vulnerable to cybercrime. In April this year, another South Korean cryptocurrency exchange called Yapizon lost what equated to millions of US dollars after hackers were able to infiltrate its computer network and steal more than 3,800 bitcoin from users.