Coinrail lost $40 million in a cyberattack

Summary

In June 2018, Coinrail, a South Korean cryptocurrency exchange, was hacked. During the hack, the attackers managed to steal about $40 million worth of cryptocurrencies from hot wallets.

Attackers

The identity of the attackers has not been publicly disclosed.

Losses

Coinrail lost 30 percent of the tokens the exchange was housing (nearly $40 million worth), including:

• $20 million worth of NPXS
• $14 million of ATX
• $6 million DENT
• $1 million TRON

Timeline

• June 10, 2018: Coinrail reported a hack. Trading is suspended.
• June 11, 2018: Coinrail reveals that approximately 30% of its total coin reserves have been stolen. 70% of its total coin reserves have been moved to an offline cold wallet.
• July 15, 2018: Coinrail resumed service with offers to recover the stolen cryptocurrencies.

Security Failure Causes

Weak operational security practices: According to the local police, the hack happened due to a lack of efficient security protocols.

Insider threat or social engineering: Networking experts believed that the breach was made successful by involuntary support from a machine inside the company that had admin-level access to the internal system.