Cryptocurrency exchanges have been a target for hackers wanting to get their hands on cryptocurrency when they first began offering their services. Now, according to a statement made by Upbit, a South Korean cryptocurrency exchange, they have suffered a 48.5 million USD loss as a result of hackers. On November 27, 2019, the company suspended all deposit and withdrawal services, stating 342,000 in Ethereum (ETH) had been stolen from one of the companies Upbeat Ethereum hot wallets to a previously unknown wallet address.
According to Lee Seok-woo, chief executive of Doo-myeon, the operators of Upbit, the attack took place at 1:06 pm Korean time on November 27. Other than that very little is known as to the nature of the attack as well as who may be behind the attack. However, the wallet used by the hackers could be traced and showed that the stolen Ethereum was done over the course of 17 transactions. At the time of writing the cryptocurrency was still in the wallet. In the statement, Leon Seok-woo stated that Upbit assets will cover the stolen funds and customers will not be impacted beyond an estimated two-week timeframe for deposit and withdrawal services to resume. It was further noted that any cryptocurrency that was still in the affected hot wallet had been transferred to a cold wallet not connected to the Internet.
The incident has raised certain uncomfortable questions regarding the exact reason as to why so many coins were kept in a single wallet given how numerous other exchanges have fallen foul to hackers. Further, adding fuel to the fire, is the complete lack of detail, bar the date and time when the attack occurred, as to the nature of the attack. This has led some Reddit users to question the authenticity of the claim. It is feared that this may be an elaborate ploy to perform an exit scam or an inside job to steal the funds. As of yet, there is no evidence to prove that this is the case but questions have been raised given how others have been burned in the past.
Exit scams is a fraudulent operation where fraudsters either pretend to be an initial coin offering (ICO) or cryptocurrency exchange and once funds have been raised or wallets filled they disappear often leaving victims with little in the way of recourse if they want their money back.
It is prudent to repeat that there is no evidence of the operators of Upbit being involved in such a scam and currently it is assumed they indeed suffered a cyber incident resulting in the stealing of coins, there have been cases of exit scams in the past involving cryptocurrency exchanges. It is perhaps these past incidents coupled with the lack of information that has got people worried, despite statements to say that users of the exchange will not be left out of pocket. One such incident involved LoopX, which made off with 4.5 million USD of investor money. Initially, when the startup started operations it allegedly offered high returns for those who invested in their algorithm. In total, the con artists managed to swindle 276.21 Bitcoins (BTC) and 2,446.70 in Ethereum (ETH).
The company claimed, according to article published at the time, that,
“We are here to help you make money in the emerging market of cryptocurrencies which is projected to grow up to 10 times the size of now until the next year. The LoopX system gives you guaranteed profits every week thanks to the most advanced trading software out there to date!”
The quote was taken from an article published by ZDNet. When looking for a cached site for the company all that came up was a site offering to find users the best online casino. This in itself is highly suspicious, however, this was in all likelihood, not the website presented to potential investors. The investment cycle appeared to go through five investment cycles. Upon the completion of the fifth cycle, the scammers seemed to go completely dark. This included Twitter, Facebook, Telegram, and YouTube profiles. There were fears that the business was scam dating back to January 2018, with fears being stoked by the lack of transparency no proof of code promised until after the final ICO, no concrete information relating to team members or developers of the trading system and the promise of consistent financial returns even though the market is known to be volatile. Given the less than illustrious history of many ICOs and exchanges, as well as those pretending to be, it is little wonder some are skeptical of Upbit’s claims.
Often detecting scams can be difficult but before you are willing to hand over coins or currency there are a few tell-tale signs it might be a scam. Firstly, it is advised to do your research, one way to help determine if it is a safe investment is to look at company employees' and directors' previous work experience on LinkedIn for example. Companies wanting investment for ICO opportunities should have published several white papers explaining how they intend to operate and provide returns on investment. If the paper is written in general terms and lacking any real information as to planned operations warning bells should be going off. Like with other scams if it is too good to be true, then it is probably a scam. Higher than market average returns and like was seen with LoopX promising consistent financial returns are all warning signs.