Last week, South Korean cryptocurrency exchange Bithumb revealed the theft of around $31 million (34 billion KRW) from their system. The exchange was vague on the details of the security breech, including the type and amount of stolen tokens, suggesting that an investigation was still ongoing. Earlier today, Bithumb published an update claiming that roughly $14 million (16 billion KRW) of the stoken tokens had been recovered thanks to the “ongoing participation, support and cooperation” of cryptocurrency exchanges and foundations. This suggests that the hackers attempted to sell off their stolen tokens, only to have their deposits seized by the exchanges before any transactions could take place.
This is good news for Bithumb’s customers, who are still awaiting details about how the missing funds will be repaid. A more pressing matter for the exchange’s customers is the complete lockdown of both withdrawals and deposits. Bithumb moved all user funds into offline wallets shortly after the theft was discovered, and plans to keep the funds in cold storage until the investigation is complete. In an effort to compensate customers for the lack of access to their funds, Bithumb is also offering coupons for commission-free trades and a 10% APR on held tokens until withdrawals resume.
Bithumb’s post also revealed the specific tokens and balances that were taken during the hack. While there was some speculation shortly after the heist that only XRP tokens had been stolen, it turns out that the bulk of the theft was in bitcoin. Hackers made off with 2,016 BTC (around $12.3 million), with the remaining losses mostly coming from ETH, and XRP. All told, thieves made off with balances of 11 popular crypto tokens.
In some ways, Bithumb has been extraordinarily lucky following the hack. It’s rare for such a high percentage of stolen tokens to resurface so quickly after a theft, or for those coins to be sent directly to other exchanges where they could be seized. (By comparison, the 650,000 BTC stolen during the Mt Gox hack have yet to surface, although blockchain forensics firm Chainalysis claims that “the destination of those coins is definitely known.”) This suggests that the Bithumb hackers were either too inexperienced to properly mix the stolen coins before selling them, or in too big of a rush to care.
Worse yet, all of this drama could have been avoided had Bithumb’s customers followed one of the core maxims of cryptocurrency: “Not your keys, not your crypto.” Instead of trusting an exchange to keep their coins safe, they could simply have stored their tokens using a hardware-based offline storage solution. A tethered, air-gapped hardware wallet — a system recommended by virtually all cryptocurrency security experts — is essentially the same secure, hack-proof storage method that Bithumb is currently using. Had Bithumb’s users relied on these tools, only transferring tokens to an exchange when they wanted to sell or trade them, they would still have access to their cryptocurrency now, and wouldn’t need to rely on the charity and kindness of other exchanges to return their funds.