Chinese Bitcoin exchange denies hacking rumors after theft of $2.5M

Think the Chinese authorities will weigh in? Not likely.

Chinese Bitcoin trading exchange denies hacking rumors after theft of $2.5M

A Chinese Bitcoin trading exchange has denied rumors that it suffered a hacking attack after its users lost a total of $2.5 million in Bitcoins to unknown actors.

On 4 October 2017, OKex, a cryptocurrency exchange which functions as part of the Chinese Bitcoin company OKcoin, acknowledged that several of its users have experienced “abnormal logins” to their accounts in recent months.

For instance, one user spotted someone logging into their account using a Germany-based IP back in August 2017. That unknown hacker sold all the user’s Bitcoins and canceled all pending orders within an hour, reports HackRead. In so doing, they cost the affected user 200 Bitcoins, or around US $850,000 according to current exchange rates.

Other OKex users have reported similar unauthorized sales of their Bitcoins since then. In total, they’ve lost 600 Bitcoins, which is currently worth about US $2.5 million.

Even so, the Chinese Bitcoin trading exchange isn’t taking responsibility for what happened. Just look at what Lennix Lai, financial market director at OKex and OKcoin, has to say about these instances of theft:

Okay, so what’s OKex’s explanation?

As it reveals in its statement, the Bitcoin trading exchange suspects the hacks occurred because users used passwords that were too simple, didn’t store their passwords securely, logged into their account using a malware-infected computer, or reused the password for another web service that might have suffered a breach.

OKex is therefore urging users to enable two-step verification (2SV) on their accounts by installing the Google Authenticator app onto their mobile devices.

It’s unclear how many OKex users lost Bitcoins to hackers in recent months. As a result, it’s difficult to determine whether the hacking instances were part of a larger campaign targeting the exchange.

They very well could have been. After all, other cryptocurrency platforms have suffered similar thefts since the summer of 2017. It’s not impossible that hackers set their sights on OKex as a whole.

Unfortunately, their decision to do so doesn’t bode well for users wishing to recover their lost funds. OKex hasn’t said anything about working with users to return their stolen Bitcoins. And as most of the world knows by now, the People’s Bank of China declared initial coin offerings illegal in the beginning of September, which means Chinese law enforcement won’t likely get involved.

In the cryptocurrency world, so much rests with each trading platform. Users should therefore do their research and think very carefully before enrolling with a specific service. If they do choose a platform, they need to remember that Bitcoin and other cryptocurrencies aren’t generally insured by entities like the FDIC, and if they are, they are usually covered for up to only a certain amount. That means any sizable losses could likely fall squarely on their shoulders.

Tags: , , ,

   Join thousands of others and sign up to our free "GCHQ" newsletter.

Smashing Security podcast
Check out "Smashing Security", the award-winning weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"It's brilliant!" • "Three people having fun in an industry often focused on bad news" • Winner of the Best Security Podcast 2018

Latest episodes:
Listen on Apple Podcasts Listen on Google Podcasts

, , ,

No comments yet.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.