On January 29, 2019, Elementus reported that Cryptopia has suffered a second attack that led to the loss of 1,675 ether () tokens after suffering a similar attack on January 14, 2019.
On January 15, 2019, New Zealand-based crypto exchange Cryptopia suspended activities after suffering a hack that led to significant losses. The hack itself took place on January 14, 2019, and on the same day, the exchange announced that they would be undergoing unscheduled maintenance. According to Elementus, about $16 million worth of ether and were stolen during the January 14 Hack.
Now it would seem that the attack on Cryptopia hasn’t ended as Elementus has stated, on January 29, 2019, that the exchange has suffered yet another attack.
Still at Risk
When Elementus first studied the January 14 attack, they had noted that many of the wallets that had been targeted were still at risk despite the suspension of activities.
“1,948 Ethereum wallets and $46k in Ether remain at risk,” the post had said.
Now, they claim that the hacker who had been responsible for the attack has sprung up again and has stolen 1,675 ETH from a total of 17,000 accounts. Elementus claims that some of the accounts targeted in this fresh attack include the ones they had previously warned about. Another 5,000 wallets attacked were those that were drained during the initial hack but have since been replenished (probably unknowingly) by their owners.
The movement of funds began at on January 28, 2019, and accumulated in the same Ethereum address. Initially, Elementus has thought that maybe the movement was done on the part of Cryptopia in an attempt to secure their funds. However, it now seems that it is the same hacker as some of the funds are being moved into the same crypto wallet used in the first hack.
It now appears that Cryptopia does not have control over these wallets anymore and the hackers now do. It is also apparent that some Cryptopia users are still putting money into compromised accounts. However, some of the payments appear to be coming from mining pools which means that the funds belong to miners who have opted to have their funds paid via direct deposit into their crypto wallets.
Hackers within the crypto community are nothing new but are becoming more rampant. It was reported that two hacker groups have stolen up to a billion dollars in crypto in the last year.