Crypto Hacks: The Coinrail Hack Resulted in a Loss of Over $40 Million
Tech Deep Dives

Crypto Hacks: The Coinrail Hack Resulted in a Loss of Over $40 Million

4m
Created 2yr ago, last updated 2yr ago

CoinMarketCap takes a deep dive into one of the most popular hacks of a South Korean exchange, Coinrail, that lost not only $40 million worth of tokens but also the trust of it customers.

Crypto Hacks: The Coinrail Hack Resulted in a Loss of Over $40 Million

Table of Contents

Technology is advancing at a rapid pace. The ways of work, communication, selling, buying, and paying have been changed. We have officially entered the era of cashless payments. People are avoiding carrying a large amount of cash with them to prevent the risk of getting robbed. And why wouldn’t they? With the influx of a variety of contactless payment methods, there is no need to stay dependent on the age-old methods.

However, despite the technological advances, the risks of security breaches are still there and are only increasing. Take blockchain, for example. It is considered to be one of the safest mechanisms and has bullet-proof security, according to cybersecurity professionals. However, even technology as advanced as blockchain is susceptible to security breaches.

To find out more about one of the biggest crypto hacks in the history of crypto trading, let’s dive deep into this article.

What Is the Coinrail Hack?

The coin rail hack is considered to be the biggest crypto hack in history. Coinrail is a South Korean cryptocurrency exchange that lost about $40m in a hack. After the attack, Coinrail’s exchange functions were put on hold in an attempt to recover the losses of its customers.

When Did It Happen?

The Coinrail hack took place in June 2018, just before the Bithumb hack.

During its maintenance period, it was discovered that 70% of the ERC-20 tokens were saved in an offline wallet. Ignoring the details of the attack, the customers were only concerned with the successful recovery of their investments.

Who Was Involved?

The identity of the intruder who hacked the Coinrail exchange is still a mystery. In June 2018, when the platform got hacked, the owners posted the update without mentioning the exact figures of the loss.

They just mentioned that some tokens like NPXS and ATC from the exchange’s platform were stolen. The hackers managed to connect an Ethereum-backed wallet to the exchange’s system and got successful in transferring the said tokens from the main servers to the wallet address. The successful implementation of an automated channel of transferring an unusual amount of tokens in their wallet was the most concerning part of the exchange.

The worth of these tokens was around $40m. After a few days during the inquiry process, a mysterious address was caught receiving a large number of tokens from fake accounts. Although 70% of the tokens were safely secured at that time, there is still no clue about the hacker, and of the remaining 30% that was deemed as collateral.

According to the local police, the hack happened due to the lack of efficient security protocols of the exchange. Moreover, the networking experts believed that the breach was made successful by involuntary support from a machine from the inside of the company that had admin-level access to the internal system. An educated guess would lead to a common phishing accident but that’s too easy of a reason to be considered true.

How Did It Conclude?

Soon after the attack on Korea’s seventh-largest crypto exchange, the local police began an investigation round to narrow down the tracks of the hackers. In an ideal scenario, there should have been some clues left by the hackers that could lead the policemen right to them. However, contrary to popular movie concepts, blockchain networking doesn’t work this way.

Analyzing the robbery, the police managed to secure Coinrail’s servers’ data and began investigating the causes of leakage of the respective cryptocurrencies.

Realizing that the scope of this operation was outside of that of the Korean law enforcement, the Coinrail team contacted Pundi X and they collectively discussed the issue with the IDEX team to freeze the suspicious account that had received an unusual amount of NPXS tokens. This made all of the affected NPXS tokens trackable.

Impact of the Coinrail Hack on the Crypto Community

After the Coinrail hack, the trust level of the investors shook dramatically. Due to this reason, Coinrail is now an offline exchange platform. Up to 70% of its tokens are stored in cold wallets as a safety precaution.

The authorities worldwide are making efforts to stabilize the crypto market and make the security systems strong. Another point also came in front that blockchain wasn't found to be a secure system and technology.

How Can We Protect Exchanges From Hackers?

Protection from a crypto scam or a crypto hack isn’t easy on both individuals and exchanges. For individuals, it is recommended to follow the following practices:

Investment Choices

Diversification is a key element of a successful investment strategy. There are many exchanges out there that offer their customers a variety of trading options and coins to opt for.

Research

Before investing in any token or cryptocurrency, it is suggested to find out their benefits, security measures, and technical requirements before you opt for any one of them. This provides you with a surety of investing in a reliable project that has real-world applications. While some cryptocurrencies might seem lucrative due to their incredibly articulate marketing campaigns, they can be a part of a mega rug pull plan in the long run.

Exchanges should work towards fulfilling the regulatory requirements set by their countries to build the trust of their customers. This will allow them to increase their already-populated customer base and develop standing in the crypto community.

With the increase in technological advancements, all crypto trading exchanges are being forced to implement several security measures to ensure that the customers continue to use their platform. Although the increased number of security measures might serve as barriers for large-scale investors, it is the need of the hour and an unanimously-agreed solution to secure funds.

This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators. This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice. The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap. CoinMarketCap is not responsible for the success or authenticity of any project, we aim to act as a neutral informational resource for end-users.
3 people liked this article