ON AIR: Marcus Lush Nights

8p.m. - 11:59p.m.

Cryptopia heist: Hackers steal from under police noses

Author
NZ Herald,
Section
National,
Publish Date
Thursday, 31 January 2019, 3:35p.m.
Cryptopia founders Adam Clark and Rob Dawson. Photo / Supplied
Cryptopia founders Adam Clark and Rob Dawson. Photo / Supplied

Hackers are still pilfering thousands from a New Zealand-based digital currency firm, even as police investigate a multi-million-dollar crypto-currency heist that started 18 days ago.

An unauthorised transfer of crypto-currency worth "a significant sum" was made on January 13-14 from Christchurch-based firm Cryptopia.

The exchange went offline on January 15 as company bosses appeared powerless to stop the thousands of illegal transfers from thousands of wallets.

While Christchurch detectives were called in to investigate the apparent security breach, New York-based blockchain infrastructure firm Elementus started its own analysis.

It found that as much as NZ$23 million worth of cryptocurrency could have been stolen, with funds first beginning to be siphoned from Cryptopia's two core wallets — one holding ETH, the other tokens — on the morning of January 13.

"The funds were taken from more than 76,000 different wallets, none of which were smart contracts. The thieves must have gained access to not one private key, but thousands of them," Elementus analyst Max Galka wrote on a blog.

But now, even with a "very complex" police probe underway, it appears that the hackers are still draining the digital money.

Elementus said in a further blog post this week that an additional 1675 ether from 17,000 Cryptopia wallets – amounting to about NZ$260,000 – had been taken.

The funds began moving on Monday morning and continued throughout the day, Elementus said.

After initially thinking it could've been Cryptopia securing its remaining funds, Elementus said it soon "became obvious this was the same hacker".

The blockchain experts concluded that Cryptopia "no longer has control of their Ethereum wallets, and the hacker still does".

"The hacker has the private keys and can withdraw funds from any Cryptopia wallet at will," it wrote, adding that, despite the hack, many Cryptopia users continue depositing funds into their Ethereum wallets.

Detective Inspector Greg Murton said he is aware claims of a further hack and that his experts are looking into it.

Police have previously said they are drawing on international expertise to investigate the theft, including members of the cryptocurrency trading community.

"This is a very complex investigation, involving expert digital forensic investigators from within New Zealand and in various overseas jurisdictions, as well as overseas authorities," an earlier police statement said.

"Positive lines of inquiry are being developed to identify the source of the transfer."

Members of the investigation team have met with Cryptopia management and staff.

At least $3.5m-worth of the funds hacked on the night of January 13-14 are visible in one digital wallet.

Some money sent from the visible wallet to the giant international cryptocurrency exchange Binance has been frozen by that exchange.

ON AIR: Marcus Lush Nights

8p.m. - 11:59p.m.