On June 19th 2018, just before 2PM London time, Bithumb was hacked out of $30 million worth of cryptocurrencies.
How the hack happened exactly we do not know. Bithumb has made few comments but to confirm that there was a theft which they will cover out of their profits.
What we do probably know, however, is that Ripples were stolen, or at least Ripple (the currency) has something to do with the theft.
Around 2PM London time someone on Binance market sold a considerable amount of XRP. This was during a general trading day when bullishness was in the air with eth rising some 10% yesterday.
The XRP are sold for USDT. That USDT is then turned into LTC around 2PM yesterday with LTC showing a pretty interesting chart for the LTC/USDT trading pair on Binance:
If we zoom in, we can get a more precise time of when some 6,000 LTC were market bought. On the 5m candle, it shows that huge jump to $120 was within five minutes starting at precisely 14:35 PM.
The sums here of around half a million dollars worth of LTC are relatively small compared to the entire hacked amount of $30 million.
Yet we would think the market buy was either a mistake or loss of patience. He or they may have worried Changpeng Zhao might lock their accounts if he finds out, so perhaps they took the risk of revealing quite a bit of information through market buying in order to take at least some of the loot out.
With the proceeds of theft now washed and somewhat cleaned, the thief might even sell this LTC on Coinbase, but it will be Binance that might attract some attention now because had they applied AML/KYC they might have had the identity of the thief.
Not that it necessarily would have prevented much. They could have used Shapeshift or a decentralized exchange, with the only real barrier being requests for proceeds of funds at USD “checkpoints.”
How the hack itself happened is unclear. Trustnodes is told by Karly Choi from Sentinel Protocol that local media is reporting Bithumb users received suspicious emails containing malicious code.
It may, therefore, have been a phishing scam, but Bithumb itself might have been hacked with the exchange now seeing hacks far too often.
They say they are working with the Korea Internet & Security Agency for root cause investigation, but the funds look like they have gone for now.
And although there are reports that some other coins were stolen, it does look to us like it was mainly XRP, with Bithumb itself only mentioning Ripple in their South Korean announcements.