Crypto Exchange Bithumb Hacked for $13 Million in Suspected Insider Job

South Korean crypto exchange Bithumb has had over $13 million in EOS stolen in a hack, but says customer funds are safe.

AccessTimeIconMar 30, 2019 at 10:45 a.m. UTC
Updated Sep 13, 2021 at 9:02 a.m. UTC

Update (09:30 UTC, April 1, 2019): According to a report from CoinDesk Korea, Bithumb may have also lost 20.2 million XRP in the recent breach. The XRP, worth $6.2 million at current prices, was moved from Bithumb's wallet on March 29 in transactions that can be seen on XRPSCAN. The exchange is not yet confirming or denying the report.

The odds of Bithumb managing to retrieve the stolen funds may be small, according to crypto security expert Cosine Yu, co-founder of security firm SlowMist. The hacker has already managed to “launder” most of the stolen EOS and XRP, Yu said, meaning the assets have been transferred to a large number of addresses that are not necessarily owned by any exchanges.

“The laundering strategy this time is clever as the theft did not send most of the funds directly to addresses owned by exchanges. ... So it’s almost impossible for Bithumb to retrieve these funds,” Yu told CoinDesk. 

South Korean crypto exchange Bithumb has had around $13 million in the EOS cryptocurrency stolen in a hack it suspects was an insider job.

The company confirmed in statement on Saturday that it first spotted an “abnormal withdrawal” of the cryptocurrency through its monitoring system at 22:00 Korean time (13:00 UTC) on Friday, March 29.

The exchange suspended asset withdrawals and deposits on the platform after noticing the breach.

Bithumb stated:

"All the [stolen] cryptocurrency is owned by the company, and all members' assets are under the protection of a cold wallet."

According to a report from CoinDesk Korea, the exchange was hacked for a total of 3.07 million EOS, which was withdrawn from the exchange’s "hot" (internet connected) wallet through a series of transactions.

Based on the data from CoinMarketCap, EOS is currently trading at $4.22, making the total value of the coins lost around $13 million.

The company said in its statement that it suspects the hack was conducted by an insider, since no evidence of external exploit has been found.

Bithumb has already notified government agencies and is conducting an internal investigation. It said it's also working with major exchanges with the expectation of recovering some of the funds.

Additionally, the remaining assets in Bithumb's hot wallet have been removed to its cold (offline) wallet to prevent further losses until the manner of the breach has been identified and any vulnerabilities fixed.

According to CoinDesk Korea, Lee Sang Sun, described as one of the only EOS arbitrators in South Korea, said, "Overseas exchanges such as Bitfinex manage their EOS wallets with a multisig system, but Bithumb managed its with a single key." However, this detail is not confirmed at press time.

The news comes nearly a year after Bithumb was hacked for some $30 million-worth of cryptocurrencies. The exchange experienced an initial loss of 2,016 bitcoin, 2,219 ether and other coins, but later claimed to have retrieved $14 million-worth of the hacked funds.

Editor's note: Some statements were translated from Korean.

Bithumb image via Shutterstock


Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.