Coinrail Exchange Hacked, Loses Possibly $40 Million in Cryptos

South Korea-based Coinrail has not disclosed the exact amount lost in the breach, but data suggests the damage could be $40 million.

AccessTimeIconJun 11, 2018 at 6:32 a.m. UTC
Updated Aug 18, 2021 at 9:17 p.m. UTC

Presented By Icon

Election 2024 coverage presented by

Stand with crypto

Coinrail, a cryptocurrency exchange based in South Korea, said on Sunday its platform has been hacked, with other sources suggesting it lost cryptocurrencies totaling as much as $40 million in the attack.

According to its website, the exchange has already suspended services after it suffered what it calls a "cyber intrusion," which resulted in a range of ERC-20 based tokens stolen from the platform.

  • Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
    13:18
    Bitcoin Mining in the U.S. Will Become 'a Lot More Decentralized': Core Scientific CEO
  • Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
    05:10
    Binance to Discontinue Its Nigerian Naira Services After Government Scrutiny
  • The first video of the year 2024
    04:07
    The first video of the year 2024
  • The last regression video of the year 3.67.0
    40:07
    The last regression video of the year 3.67.0
  • However, Coinrail only provided the names of some of the tokens that were taken in the alleged breach without disclosing the exact amounts at stake. These included the NPXS token from the Pundi X project, ATC from Aston and the NPER project's NPER token.

    However, a blog post published by Pundi X on Sunday suggested that the hacker may have stolen 1,927 ether, 2.6 billion NPXS, 93 million ATX and 831 million DENT coins, as well as significant amounts of six other tokens.

    These assets in total were worth around $40 million at the time of the hack and have since dropped to around $30 million at press time, according to data from CoinMarketCap.

    Pundi X's article suggested that following the hack, Coinrail alerted the project on Sunday to an ethereum address which is believed by Coinrail to be associated with the hacker. That address is now flagged as "Fake_Phishing1432."

    Data from Etherscan.io shows the address tried to sell some 26 million NPXS tokens at IDEX, a decentralized ethereum asset exchange, right after it received 2.6 billion NPXS from another address that is also now labeled as a suspicious account – "Fake_Phishing1431."

    Coinrail and Pundi X claimed that IDEX froze the assets sent from the Fake_Phishing1432 address upon investigation and the NPXS tokens were not liquidated.

    In addition, transactions associated with Fake_Phishing1431 show it received a range of cryptocurrencies from a single address several hours before Coinrail reported the hack, which, besides ETH, NPSX, ATX, DENT, also included tokens from other projects such as Kyber Network, Storm, Jibrel Network and Tron.

    Data from etherscan.io further indicates that, following the hack, while the NPXS was sent to IDEX, other stolen tokens appear to have been sent for trading to EtherDelta, another decentralized cryptocurrency exchange.

    However, it remains unclear at this stage whether the assets had been liquidated or not. Coinrail could not be reached for an update, and EtherDelta has not yet responded to a CoinDesk request for comment.

    Coinrail said on its website that 70 percent of its reserves are safe as they have been moved to a cold wallet which is not accessible through the internet.

    For the 30 percent that were compromised, the firm said two-thirds of them are currently frozen. Meanwhile, it's still investigating the final third of those tokens with "police, investigators, relevant exchanges and project developers."

    Data from CoinMarketCap showed the platform was ranked around 90th largest around the time of the hack, with 24-hour trading volume amounting to some $2 million on the site. Its data is currently not available on CoinMarketCap due to the system suspension.

    Hack image via Shutterstock

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.


    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.