, 12 tweets, 5 min read Read on Twitter

Bithumb is being hacked, at its EOS cold storage level!!! Over 3million EOS has been transferred out 👀👀👀

Detail to be reported, confirmed by security firm who’s auditing for Bithumb
And this is the second time Bithumb saw a MAJOR hack, last time it’s hacked with a loss over $30m.. lol and after the first hack it was STILL able to get the fiat license from Korea and WTF??
It’s said their private key was stolen on its EOS account g4ydomrxhege

Hacker's is from ifguz3chmamg, that’s the address ALL EOS was transferred to, down stream exchanges with stolen fund are Huobi, HitBTC, WB, EXmo etc
With more updates numbers on stolen fund distribution (number of $EOS) and the hacker’s address still holds 1.9Million $EOS

EXMO: 662,600
Huobi: 263,605
Changelly 143,511
KuCoin: 96,270
CoinSwitch: 38,725

From a comment below.. $XRP wallet is hacked too ..

XRP hacked wallet address - rLaHMvsPnPbiNQSjAgY8Tf8953jxQo4vnu
stolen 20,000,000 xrp (worth $6,000,00)

OMFG 🤦🏻‍♀️🤦🏻‍♀️🤦🏻‍♀️
just a minor update. The cold wallet seems still ok, g4ydomrxhege is the hot wallet owned by Bithumb (from address Bithumbshiny) eospark.com/account/g4ydom… thanks to @evilcos
This is just insane -

1. It’s the second major Bithumb hack so they literally learned NOTHING from last time

2. Why keeping $15m in a single wallet?? high amount withdraw needs lengthy verification anyway..

Will keep everybody posted with @chiachih_wu @evilcos
3. EOS won’t be able to freeze this time, or it’s now too late

4. Hacker has been disposing the stolen EOS via ChangeNow, a non-custodial crypto swap platform dose not require KYC/account

5. Bithumb is the only top Korean ex operator without a commercial banking partnership
The entire timeline as below - h/t @evilcos @chiachih_wu

(SGT time zone)

3/29 9:40AM - Hacker account ifguz3chmamg was created via accountcreat

3/29 9 to 11PM - Bithumb wallet g4ydomrxhege has been transferred out 3,132,672 EOS to the hacker account, total 16 transactions
3/29 post 11PM - hacker has been disposing stolen EOS via ChangeNow to downstream exchanges including Huobi, Kucoin, the distribution is still on going

3/30 midnight, Bithumb started to transfer remaining balance of g4ydomrxhege/new deposit into its cold wallet bithumbshiny
Stolen fund flow analysis :

Majority of the Bithumb stolen EOS are sent to @Exmo_Com @HuobiGlobal @kucoincom @coinswitch @ChangeNOW_io @hitbtc Changley, and a little bit to @binance @hitbtc and BW
One thing is very puzzled: if private key is stolen, hacker could transfer fund out at once: 1st trx was a test for only 1 EOS, 2nd trx was 3,069,400, but there are 14 other transactions sporadically after it

Also the same memo was attached to all 🤔🤔 which is unnecessary
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Dovey Wan 🦖
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!