,
12 tweets,
5 min read
Read on Twitter
BREAKING 🚨🚨🚨
Bithumb is being hacked, at its EOS cold storage level!!! Over 3million EOS has been transferred out 👀👀👀
Detail to be reported, confirmed by security firm who’s auditing for Bithumb
Bithumb is being hacked, at its EOS cold storage level!!! Over 3million EOS has been transferred out 👀👀👀
Detail to be reported, confirmed by security firm who’s auditing for Bithumb
And this is the second time Bithumb saw a MAJOR hack, last time it’s hacked with a loss over $30m.. lol and after the first hack it was STILL able to get the fiat license from Korea and WTF??
It’s said their private key was stolen on its EOS account g4ydomrxhege
Hacker's is from ifguz3chmamg, that’s the address ALL EOS was transferred to, down stream exchanges with stolen fund are Huobi, HitBTC, WB, EXmo etc
Hacker's is from ifguz3chmamg, that’s the address ALL EOS was transferred to, down stream exchanges with stolen fund are Huobi, HitBTC, WB, EXmo etc
With more updates numbers on stolen fund distribution (number of $EOS) and the hacker’s address still holds 1.9Million $EOS
EXMO: 662,600
Huobi: 263,605
Changelly 143,511
KuCoin: 96,270
CoinSwitch: 38,725
$EOS DUMP 👀👀👀
EXMO: 662,600
Huobi: 263,605
Changelly 143,511
KuCoin: 96,270
CoinSwitch: 38,725
$EOS DUMP 👀👀👀
From a comment below.. $XRP wallet is hacked too ..
XRP hacked wallet address - rLaHMvsPnPbiNQSjAgY8Tf8953jxQo4vnu
stolen 20,000,000 xrp (worth $6,000,00)
OMFG 🤦🏻♀️🤦🏻♀️🤦🏻♀️
XRP hacked wallet address - rLaHMvsPnPbiNQSjAgY8Tf8953jxQo4vnu
stolen 20,000,000 xrp (worth $6,000,00)
OMFG 🤦🏻♀️🤦🏻♀️🤦🏻♀️
just a minor update. The cold wallet seems still ok, g4ydomrxhege is the hot wallet owned by Bithumb (from address Bithumbshiny) eospark.com/account/g4ydom… thanks to @evilcos
This is just insane -
1. It’s the second major Bithumb hack so they literally learned NOTHING from last time
2. Why keeping $15m in a single wallet?? high amount withdraw needs lengthy verification anyway..
Will keep everybody posted with @chiachih_wu @evilcos
1. It’s the second major Bithumb hack so they literally learned NOTHING from last time
2. Why keeping $15m in a single wallet?? high amount withdraw needs lengthy verification anyway..
Will keep everybody posted with @chiachih_wu @evilcos
3. EOS won’t be able to freeze this time, or it’s now too late
4. Hacker has been disposing the stolen EOS via ChangeNow, a non-custodial crypto swap platform dose not require KYC/account
5. Bithumb is the only top Korean ex operator without a commercial banking partnership
4. Hacker has been disposing the stolen EOS via ChangeNow, a non-custodial crypto swap platform dose not require KYC/account
5. Bithumb is the only top Korean ex operator without a commercial banking partnership
The entire timeline as below - h/t @evilcos @chiachih_wu
(SGT time zone)
3/29 9:40AM - Hacker account ifguz3chmamg was created via accountcreat
3/29 9 to 11PM - Bithumb wallet g4ydomrxhege has been transferred out 3,132,672 EOS to the hacker account, total 16 transactions
(SGT time zone)
3/29 9:40AM - Hacker account ifguz3chmamg was created via accountcreat
3/29 9 to 11PM - Bithumb wallet g4ydomrxhege has been transferred out 3,132,672 EOS to the hacker account, total 16 transactions
3/29 post 11PM - hacker has been disposing stolen EOS via ChangeNow to downstream exchanges including Huobi, Kucoin, the distribution is still on going
3/30 midnight, Bithumb started to transfer remaining balance of g4ydomrxhege/new deposit into its cold wallet bithumbshiny
3/30 midnight, Bithumb started to transfer remaining balance of g4ydomrxhege/new deposit into its cold wallet bithumbshiny
Stolen fund flow analysis :
Majority of the Bithumb stolen EOS are sent to @Exmo_Com @HuobiGlobal @kucoincom @coinswitch @ChangeNOW_io @hitbtc Changley, and a little bit to @binance @hitbtc and BW
Majority of the Bithumb stolen EOS are sent to @Exmo_Com @HuobiGlobal @kucoincom @coinswitch @ChangeNOW_io @hitbtc Changley, and a little bit to @binance @hitbtc and BW
One thing is very puzzled: if private key is stolen, hacker could transfer fund out at once: 1st trx was a test for only 1 EOS, 2nd trx was 3,069,400, but there are 14 other transactions sporadically after it
Also the same memo was attached to all 🤔🤔 which is unnecessary
Also the same memo was attached to all 🤔🤔 which is unnecessary
