According to a blog post by Elementus, a blockchain infrastructure company, on January 29, Cryptopia, a New Zealand Cryptocurrency exchange, was still attacked by Cybercriminals two weeks after the first report of a hacker.
The Cryptopia Exchange suspended service on January 15 after discovering a major hacker who reportedly caused “significant losses.” Cryptopia said the hacking took place the day before January 14. Prior to the disclosure of the hacker incident , the platform initially claimed that it was undergoing unscheduled maintenance and released several small-scale updates.
On January 20th, Elementus reported that the $16 million Ethereum (ETH) and ERC20 tokens were stolen. According to blog data from the Ethereum public blockchain, on the morning of January 13, Cryptopia’s two core wallets—one holding the ETH and the other holding the token—started being stolen.
Elementus said in today’s article that the attack is still going on, and hackers have stolen 1675 ETH ($175,875) from 17,000 Cryptopia wallets, all to a new wallet address. The company further stated that of the 17,000 affected wallets, 5,000 were emptied when the platform was first broken, but were later refilled.
Elementus said it is clear that the same hacker should be responsible for the ongoing security breach because the funds have been transferred to the wallet address used in the initial hack. Both of the above addresses on Etherscan were flagged for hacking, and the site warned that the public should be cautious when interacting with these addresses.
The blog concludes that Cryptopia has no control over its Ethereum wallet, and hackers can still. Some in the encryption community pointed out that this is not a second attack on the Cyberopia wallet, but a continuation of hacking. One Twitter user said: “The essence of compromise is that the attacker steals their private key and deletes the (password) copy. If you have never learned the basic workings of the private key, then the same trick is just a New techniques that can be used to draw your attention.”
Yesterday, a report by blockchain analysis firm Chainalysis pointed out that two hacker groups reportedly stole $1 billion in cryptocurrency. According to a report shared with the Wall Street Journal, both entities have received most of the financial losses in cryptocurrency fraud.