The hack has happened during the weekend, on Sunday Coinrail announced the cyberheist. Attackers stole over $40M worth of ICO tokens that were maintained in the servers of the exchange.
The company published a data breach notification on its website that currently appears in maintenance mode.
해킹공격시도로 인한 시스템 점검중입니다. 일부코인(펀디엑스,NPXS)이 확인되었으며 추가적인 코인피해가 있는지 여부를 확인중입니다. 추후 자세한 사항은 재공지하겠습니다 / There has been an cyber intrusion in our system. We're confirming it and some coins(Pundi X, NPXS) are confirmed.
— coinrail (@Coinrail_Korea) June 10, 2018
The exchange explained that attackers stole tokens issued during the initial coin offerings (ICOs) of Pundi X (NPXS), NPER (NPER), and Aston (ATX).
“Most notably, the hackers got away with $19.5 million-worth of NPXS tokens that were issued by payment project Pundi X’s ICO. Added to that they scored a further $13.8 million from Aston X, an ICO project building a platform to decentralize documents, $5.8 million in tokens for Dent, a mobile data ICO, and over $1.1 million Tron, a much-hyped project originating from China.” reported TechCrunch.
“That’s according to a wallet address that has been identified as belonging to the alleged attacker, who also got hold of smaller volumes of a further five tokens from Coinrail.”
South Korea is one of the countries with the highest cryptocurrency trading activity, but Coinrail is one of its smaller exchanges operating over there.
According to coinmarketcap.com, the South Korean exchange ranks in world’s top 90 based on trading volume.
After the discovery of the hack, Coinrail immediately put offline its wallets to secure its cryptocurrency assets, it is currently working with the affected ICO companies to freeze the stolen funds.
Coinrail asked other cryptocurrency exchanges to freeze some of the attacker’s addresses where the coins where transferred.
At the time there is no news about possible compensation for the customers of the exchange, recently Japan’s Coincheck refunded its customers following a cyberheist.
(Security Affairs – Cryptocurrency Exchange Coinrail, cyberheist)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.