15 days later, the Cryptopia hack continues

 

Today, 15 days after the initial breach, another 17k Cryptopia wallets were drained of 1,675 ETH

After stealing $16 million followed by many days of dormancy, the Cryptopia hacker started up again today, siphoning an additional 1,675 ETH (worth about $180k at today's market rates) from an another 17k Cryptopia wallets.


Among the wallets affected are the 1,948 at-risk wallets we identified previously, some of which have continued to accrue funds as recently as today. The list also includes 5,240 wallets that had already been drained in the original hack, but have since been topped up, apparently by Cryptopia users unaware of the breach.


The funds began moving at 6:59 AM this morning (Monday, 28-Jan) and continued throughout the day, accumulating in this Ethereum address:

0x3b46c790ff408e987928169bd1904b6d71c00305


Initially it wasn't clear whether this might be Cryptopia securing their remaining funds. But by 9:50pm this evening, we got our confirmation that this was indeed the same thief. At that time, the incoming transfers stopped and the combined funds were moved into the address below, the same wallet that currently stores the other stolen Cryptopia funds.

0xaa923cd02364bb8a4c3d6f894178d2e12231655c


Conclusion

Though Cryptopia remains silent, two things now seem quite apparent.

1) Consistent with our earlier hypothesis, Cryptopia no longer has the private keys to their Ethereum wallets and the hacker does.

2) Despite the hack, many Cryptopia users continue depositing funds into their Ethereum wallets.

Unless and until the thieves are caught, we would expect that any funds sent to Cryptopia are likely to end up under their control.



Author: crypt0
TAGS: cryptopia , hack , cryptocurrency , ,
Positive Votes: no votes