Elementus, a blockchain analytics firm, reports that the Cryptopia crypto exchange was hacked for a second time to the tune of 1,675 ETH.
It was just two weeks ago that the Cryptopia cryptocurrency exchange, based in New Zealand, was hacked. The criminals managed to make off with roughly $16 million in Ethereum (ETH) and ERC-20 tokens. Researching the breach of security, blockchain analytics firm Elementus reported that additional wallets on the exchange were at risk, and now they’ve been proven right.
Two Hacks in Just Over Two Weeks
Elementus is reporting that a second hack has hit Cryptopia. The amount stolen was far smaller than the initial security breach, but that’s small comfort to those affected.
A total of 17,000 Cryptopia wallets were relieved of 1,675 ETH, which is worth about $180,000. The coins started being removed at 6:49 Monday morning and continued throughout the day to this wallet address.
Elementus initially thought that the exchange was moving funds around, but they soon realized that such was not the case and that the hackers had returned.
Loss of Control
The blockchain analytics firm concludes that the exchange does not have any control over their Ethereum wallets. They note that it seems that the hacker has access to the private keys and can move coins at will.
Even more interesting is that the owners of many of the affected wallets are unaware of what’s going on and are actually topping up their wallets again. This allows the hacker to go back in and steal some more funds.
— Cryptopia Exchange (@Cryptopia_NZ) January 15, 2019
There is a valid reason for why people are continuing to deposit funds into the wallets of an exchange being targeted by hackers. Elementus notes:
Most of the funds are coming from mining pools. Presumably, these payments are being sent on behalf of miners who opted to receive their rewards automatically via “direct deposit,” and have since forgotten about it.
So far, Cryptopia has not issued any notice on their official Twitter account concerning the second hack. Their last tweet comes from the day before the latest breach and just affirms that the police are looking into the original hack from several weeks ago.
This situation just goes to show that it’s still in the hands of the individual consumer to protect their funds. Relying upon an exchange for absolute security can lead to heartache.
What do you think about Cryptopia getting breached for a second time? Let us know in the comments below.
Images courtesy of Twitter/@Cryptopia_NZ, Shutterstock, and Pixabay.