Some overdue transparency into the Cryptopia exchange hack

In the five days since the Cryptopia hack was first reported, we've seen surprisingly little information about what actually happened.

Nobody seems to know:

  • How the theft took place: How, when, and where were the funds taken?
  • How much was lost: Cryptopia has not disclosed how much was stolen. Media reports on the total value of stolen assets range from $3m to $13m.
  • The current status of the stolen funds: We've seen a few blips about exchanges freezing stolen funds, but nothing on how much was frozen or where the rest of the funds sit.

This hack impacts thousands of people who have funds in Cryptopia's custody. While Cryptopia may have their reasons for remaining quiet, we think it's important for the facts to be known.

Ironically, definitive answers to all the questions above are hiding in plain sight, encoded in a public database called the Ethereum blockchain, which is unfortunately not well designed for human consumption. However, our technology is designed to enable just that.

Based on data sourced via the Elementus query engine, here is how the Cryptopia hack actually went down.

Edit: As we know there is a lot of bad information going around, we've posted the raw data used in this analysis online so that anyone can validate it for themselves.

What happened?

This case is quite different from other high profile hacks we've seen in the past. But before explaining what makes this case so unusual, here is a brief overview of what's been reported and what we can deduce from the blockchain.

All times below are Eastern Time (GMT-5).

  • Sunday 13-Jan, 8:28am: Funds begin moving out of Cryptopia's two core hot wallets, one holding ether and the other holding tokens.
  • Sunday 13-Jan, 11:58pm: With the core wallets empty, residual quantities of funds begin leaving Cryptopia's 76k+ secondary wallets, a process that would continue for several days.
  • Monday 14-Jan, 6:00am: Cryptopia suspends trading, announcing they are undergoing unscheduled maintenance.
  • Tuesday 15-Jan, 3:00am: Cryptopia discloses the security breach and New Zealand law enforcement steps in.
  • Thursday 17-Jan, 5:58am: The last of Cryptopia's funds are drained.

By our calculations, the total value of the stolen crypto (ether and various tokens), at current market prices, comes out to about $16 million. This number includes only what's on the Ethereum blockchain (ether and ERC20 tokens). We have not examined the Bitcoin blockchain or other blockchains to see if funds were stolen there as well.

The thieves took ether and ERC20 tokens valued at about $16 million

The breakdown of losses by cryptoasset is shown below.

Asset Value (USD)
ETH$3,570,124
Dentacoin$2,446,212
Oyster Pearl$1,948,223
Lisk ML$1,718,610
Centrality$1,148,144
Mothership$880,141
Ormeus$452,841
DAPS$384,425
Zap$147,158
Pillar$254,521
Other tokens$3,051,709
Total$16,002,108

Market value of crypto assets stolen from Cryptopia, valued at 19-Jan-2019 market prices. For more detail, see the full breakout by token / full list of transactions out of Cryptopia into the hackers' wallets

Where are the stolen funds now?

For the last few days, the hackers have been shuffling the funds around in small pieces and gradually moving them into exchanges to cash out. The graphic and table below show how much has been sent to each exchange.

How much have the thieves attempted to cash-out at exchanges?

Exchange Deposits Value (USD)
Bibox44$326,581
Binance63$279,525
Huobi21$147,715
HitBTC23$56,648
CoinExchange9$22,908
Digifinex6$13,017
Bittrex2$11,865
Changelly8$8,152
Kucoin4$6,597
ABCC6$4,978
Mercatox2$3,199
LAToken1$1,381
Bitmart1$66
Gate2$0
Total192$882,632

Market value of stolen crypto assets that have been sent to exchanges

Of the $16m that was stolen, the vast majority (~$15m) remains in two wallets controlled by the thieves:

We are continuing to watch the movement of the funds and will keep the figures in this post updated.

What makes this hack so unusual?

This hack is quite different from other high-profile heists on the blockchain. Normally, they fit one of two profiles:

  • Smart contract exploits (e.g. Parity, The DAO, SpankChain): Hackers discover a vulnerability in a wallet's smart contract code, which allows them to empty its funds. These cases may involve many wallets, if the same vulnerability is present in all of them. But once the first wallet is breached, things come to a head rather quickly, as it typically becomes a race between the hackers and the wallet owners (sometimes assisted by white hat hackers) to get to the money first.

  • Unauthorized access credentials (e.g. Coinrail, Tether, Gatecoin): Someone outside (or perhaps inside) the company manages to get a hold of a wallet's private key and simply withdraws the funds into their own blockchain wallet. These cases typically involve the breach of a single wallet, and by the time the theft becomes publicly known, the funds are long gone.

The Cryptopia hack differs from these profiles in two glaring ways.

1) The Cryptopia hack involved a large number of wallets.

The funds were taken from more than 76k different wallets, none of which were smart contracts. The thieves must have gained access to not one private key, but thousands of them.

2) The hack continued for days after Cryptopia discovered the breach.

The lack of urgency on the part of the thieves is striking. Rather than withdrawing the funds as fast as possible, as is the case in most crypto hacks, they took their time extracting the assets over the course of nearly five days.

After Cryptopia discovered the hack, they watched the funds continue to flow out of their wallets for four more days, seemingly powerless to stop it. As these wallets were not smart contracts, there should have been no technical complications preventing Cryptopia from securing the funds.

The only plausible explanation for Cryptopia's inaction is that they no longer had access to their own wallets.

It seems Cryptopia not only lost their funds, they also lost access to all, or nearly all, of their 76k+ Ethereum wallets.

One possible explanation is that Cryptopia had their private keys stored in a single server with no redundancy. If the thieves managed to gain access to this server, they could have downloaded the private keys before wiping them from the server, leaving Cryptopia unable to access their own wallets.

Conclusions

Our conclusions from the investigation.

1,948 Ethereum wallets and $46k in Ether remain at risk.

We count about 2,000 remaining Cryptopia wallets holding a combined balance of ~380 ETH (about $46k). Most of these funds were deposited by Cryptopia users after the initial hack took place, apparently unaware of the security breach.

Assuming the thieves have access to these wallets, and Cryptopia does not, recovering the funds is a lost cause. However, if Cryptopia knows the identities of these users, hopefully they've had the foresight to contact them and let them know not to send any more funds.

See the full list of at-risk wallets here

It's likely Cryptopia has additional funds safely stashed away somewhere.

The value of stolen ETH amounts to "only" about $3.5m. While this is by no means a small amount in absolute terms, it is small relative to what we would expect Cryptopia to hold in user deposits. This leads us to think Cryptopia must have a cache of ether stashed away.

If these funds are out there, they would likely either be stored on-chain in a cold wallet or off-chain in the custody of another exchange.

Exchanges should be freezing these funds as soon as they arrive.

No excuses. On the blockchain there is nowhere to hide, and no reason 100% of these transfers should not have been frozen immediately.

Any exchanges who care about compliance and want to block these illicit funds are encouraged to get in touch. We will set up a real-time alert to notify you the moment any of these stolen funds hit your accounts, free of charge.

No excuses.


Elementus is the World Blockchain Index. All information shown in this post was sourced via the Elementus blockchain query engine. The raw data used in the analysis is available here.

Want to contribute or have an idea to toss around? Contact us.