After the mid-2018 attack on Bithumb, the South Korean Cryptocurrency company came under siege yet again. However, the only difference between the two attacks is the fact that the former was from external elements and the latter is from suspected internal elements. According to reports, criminal elements from inside the company are said to have stolen crypto tokens worth $20 million. Ironically, after the 2018 attacks, the company has been trying to secure external platforms.
In the recent event, it is believed that internal perpetrators may have stolen the security key and channelized digital money to unknown accounts. This, however, was done at a gradual progression. Before the machines could trace, the money was transferred to an unidentified account and then redistributed to several accounts to avoid the trail.
The first details of the hack came on social media when multiple crypto monitors posted suspicious activities, such as moving 3 million EOS, worth $13 million, from the company’s wallet to unknown destinations. The hackers were also found to have stolen about 20 million XRPs, worth $6million.
While this is not the first case of hacking in the cryptocurrency industry, it is yet to be ascertained why the company was late in flashing it to the media. It is believed that Bithumb already knew about the hack, 24 hours in advance to the media release. It is also being speculated that the company may have tried to cover up the entire thing out of sheer insecurity of losing its reputation for the second consecutive time.
In its statement, the company said that after careful speculation and investigation, it was being ascertained that this was the act of internal elements “because the external intrusion path had not been revealed till now.” It further said that it would be conducting the investigation with KISA, Cyber Police Agency, and security companies. The admission from Bithumb itself points to the possibility that there are insiders involved in the crime.
Experts believe that the company was slow to react because it wanted to hide the anomaly within the organization. They further say that the cryptocurrency industry is more concerned about the external syphoning of the accounts, which builds loopholes within. Measures should be taken to fortify the internal loopholes too. The employees should be educated about the trust that people have levied on them with their money.
At the beginning of 2019, CipherTrace, which is a blockchain intelligence firm, released a security report in 2018 which identified that the threat on the cryptocurrency market looms large from internal sources than external sources.