The exchange is relatively small and was slightly ranked in the world’s top 90 according to CoinMarketCap, based on its trading volume.
Regardless of its size, the exchange had a large volume of coins, which seems to have attracted an intrusion into its platform.
According to reports, the hacker(s) made away with different cryptocurrencies, mainly Pundi X (which was recently launched), and it is alleged that $19 million worth of NPXS tokens were stolen, Aston X worth over $13 million, Dent worth nearly $6 million and Tron worth over $1 million. In total, all the stolen assets were worth close to $40 million.
Fortunately, the firms issuing the tokens were not directly affected by the intrusion. It’s believed that the tokens taken belonged to Coinrail users.
After the hack, it’s clear that Pundi X and Aston were the most affected, with Pundi X alleging that the intrusion impacted some 3 percent of its total volume of tokens. Since then, Pundi X has ceased trading of its tokens across all the exchanges, while Aston has put a freeze on its affected tokens.
Coinrail has since gone offline, taking the remainder of its assets—around 70 percent—to a cold storage wallet (meaning it cannot be accessed online). The remaining 30 percent of compromised assets has been frozen as it investigates the intrusion.
The “Ripple Effect”
The whole intrusion caused jitters in the cryptocurrency markets, with its effects felt throughout the industry. Bitcoin’s market value plunged by 10 percent (from $ 7,600 to around $6,700), its lowest price in two months. This increased the cryptocurrency’s year-to-date losses to about 50 percent, shedding as much as $120 billion off its market value.
Ethereum prices dropped from $570 to around $511, before recovering slightly to about $533. Other major cryptocurrencies also experienced similar drops, with EOS—the fifth largest currency by market cap—taking the worst hit, plummeting by 15 percent.
It has been suggested that the hack was responsible for Bitcoin’s value falling, but Coinrail is an obscure exchange and might not have caused such a ripple effect in the markets.
One thing is for sure—policy-makers have been cautioning investors in trading the digital currency given that there is lack of oversight and user protection. Speaking to Reuters, a representative of the Korea Blockchain Industry Association stated Coinrail did not promote self-regulation to enhance security. Since the company is a small player in the market, it had lower standards of security, exposing it to more risks than on average.
Another Day, Another Hack
The drop may be attributed to the fact that this is the fourth cryptocurrency exchange hack this year. In January, Japan-based Coincheck was hacked, and $500 million worth of cryptocurrency was stolen. In February, $200 million worth of cryptocurrency went missing from Bitgrail, an Italian cryptocurrency exchange. Later in April, India-based Coinsecure said that about $3.3 million worth of Bitcoins were stolen from its wallet. Other hacks have also occurred in the latter half of 2017—Tether was hacked last November, and EtherDelta suspended its service in December after they were compromised.
However, the mother of all cryptocurrency exchange hacks was in 2014 when Mt. Gox lost close to 744,408 BTC, which today would be valued close to $5.3 billion.
About $1.1 billion in cryptocurrency has been stolen in the first half of 2018 with exchanges the most popular target for hackers, making up 27 percent of attacks this year, according to Carbon Black, a cybersecurity company. The amount is set to rise with reports surfacing of another hack—this time it’s Bithumb, another South Korean exchange. It is one of the busiest in the world, according to CoinMarketCap. Reportedly, $31.5 million worth of virtual coins was stolen, and it certainly highlights the security risks involved.
The two hacks serve another reminder that the industry remains unregulated and vulnerable.