Coinrail, South Korea’s seventh largest cryptocurrency exchange was hacked on Sunday, June 10. The thieves were targeting several altcoins. Local media reported that the damage was estimated to be around 45 billion won (about US$42 million).
A recently launched token, Pundi X’s NPXS, was the hardest hit. It accounts for roughly two-thirds of Coinrail’s trading volume. Others that were probably stolen include ATX, NPER and DENT.
Chosun reported last Monday that, back in February, some local banks had detected money laundering activities at Coinrail. A bank official was quoted by the publication as he/she revealed: “Several banks that traded with Coinrail found suspicious money-laundering transactions in Coinrail in February, and some banks took steps to stop their fund deposits in April.”
However, the banks did not offer any specific reasons for the suspension of the service, as the news outlet noted.
In South Korea, it is allowed for all banks to legally refuse to service crypto exchanges under the Financial Transaction Reporting and Use Act and Virtual Currency Anti-Money Laundering Guideline, if they do not use real-name accounts. This real-name system was implemented in January ending. But the conversion rate has been low.
A lot of media focused on the Coinrail incident. This is because it is the biggest cyber theft in South Korea to date by the equivalent won amount. Another exchange in the country, Youbit, has suffered two major hacks, due to security breaches in April and in December. Yapizon was Youbit’s former name. in April, after the first hack, it changed its name.
Coinrail’s exchange has been offline with a system maintenance note on its website. According to the notice, 70 percent of the total coins at Coinrail have been safely moved to cold storage. The exchange wrote: “About 80% of the coins that have been confirmed to be leaked have been frozen/ withdrawn/ redeemed or equivalent…while the remainder is under investigation with investigators, related exchanges, and coin developers.” The exchange added: “The exact damage of the leaked coins/tokens is currently being confirmed, which may require some time with the coins.”
The Korea Times quoted the National Police Agency Cyber Bureau last Monday, “Investigators visited the exchange yesterday to ascertain whether it was an accident or a crime.” The police, the Korea internet Development Agency (KISA) and the Ministry of Science, Technology, and Information are investigating the case. As detailed by Daily, “KISA has been on the scene since the day of the 10th and is analyzing the cause of the incident jointly with the National Police Agency.”