Coinrail Exchange Hacked, Loses Possibly $40 Million in Cryptos

Coinrail Exchange Hacked, Loses Possibly $40 Million in Cryptos

Coinrail, a crypto exchange based out of South Korea, said on Sunday its platform was hacked with cryptocurrencies that appeared to worth $40 million at the time of the event.

According to Coinrail's website, the exchange has already suspended its service to conduct system maintenance since it has suffered from what it calls a "cyber intrusion," which resulted in a range of ERC-20 based tokens stolen from the platform.

However, Coinrail has so far only given names of some of the tokens that were hacked without disclosing their exact amount at stake, such as the NPXS token from the Pundi X project, ATC from Aston and NPER project's token NPER.

Yet, a blog post published by Pundi X on Sunday hinted that the alleged hacker may have stolen 1,927 ETH, 2.6 billion NPXS, 93 million ATX, 831 million DENT coins as well as six other alt-coins also in significant amounts.

These assets in total worth around $40 million at the time of the hack and have since then dropped to $30 million as of press time, according to data from CoinMarketCap.

Pundi X's article suggested that following the hack, Coinrail has alerted the project on Sunday an ethereum address which is believed by Coinrail to be associated with the alleged hacker. That address is now flagged as "Fake_Phishing1432."

Data from Etherscan.io shows the address has tried to sell some 26 million NPXS tokens at IDEX, a decentralized ethereum asset exchange, right after it received 2.6 billion of the same from another address that is also now labeled as a suspicious account - "Fake_Phishing1431."

Coinrail and Pundi X claimed that IDEX has frozen the assets sent from Fake_Phishing1432 upon investigation, as such the NPXS tokens are not liquidated.

In addition, transactions associated with Fake_Phishing1431 shows it has received a range of cryptos from one single address several hours before Coinrail reported the hack, which, besides ETH, NPSX, ATX, DENT, also included tokens from other projects such as Kyber Network, Storm, Jibrel Network, and Tron.

Data from etherscan.io further indicates that following the hack, while the NPXS was sent to IDEA, other stolen tokens appeared to have been sent for trading to EtherDelta, another decentralized cryptocurrency exchange.

However, it remains unclear at this stage whether the assets had been liquidated or not. Coinrail could not be reached for an update. EtherDelta has not yet responded to CoinDesk's enquires for comments.

Coinrail said on its website that 70 percent of its reserve are safe as they have been moved to a cold wallet which is not accessible through the internet.

For the rest 30 percent that were compromised, the firm said two-thirds of them are currently frozen - that include NPXS, ATX, NPER. Meanwhile, it's still investigating on the rest one-third with "police, investigators, relevant exchanges and project developers."

Data from CoinMarketCap showed the platform was ranked around 90th largest around the time of the hack, with some $2 million 24-hour trading volume on the site. Its data is currently not available on CoinMarketCap due to the system suspension.

Hack image via Shutterstock

The leader in blockchain news, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.