secondary title

Three exchanges were stolen in three days

On March 24, DragonEx, a digital asset trading platform called "Dragon Net" by currency circle users, issued a system upgrade announcement, suspending all transactions and deposit and withdrawal services; on March 25, the "upgrade" was delayed, and Dragon Net officially announced Asset theft. A day later, Dragon Net disclosed the hacker's wallet address, involving more than 20 digital assets.

On the day of the hacker attack on Longwang, the exchange Etbox was also hacked. Three days later, Etbox issued an announcement stating that the attack resulted in a loss of assets of $132,000 on the platform.

At 0:08 am on March 26, the crisis spread to BiKi exchange. One investor discovered his account password had been tampered with, and by around 5am, 28 other Biki users had the same problem. At 3 p.m. on the same day, Biki announced in its announcement that 37 accounts were involved in tampered passwords, 18 accounts were involved in asset transfers, and the loss amounted to US$123,300.

Dragon.com, which suffered the most serious losses, stated that it has recovered part of the funds and filed a report with the administrative and judicial agencies in Estonia, Thailand, Singapore, and Hong Kong to assist the police in their investigation.

"The chance of recovering the stolen assets is very low. Although Dragon Net has always said that it has contacted the police in many countries and regions, but judging from the past experience of the exchange being stolen, recovery of losses may be far away." A user Express it like this.

secondary title

what the coin thrower missed

When it comes to the recovery of stolen coins, we have to talk about the notorious "Mentougou incident" in history. In the Mentougou incident, hackers stole a total of nearly 750,000 bitcoins from users and 100,000 bitcoins from exchanges. The number of stolen bitcoins accounted for about 7% of the total global bitcoins at that time. When the incident happened, the average price of BTC was around $400, which was worth about $473 million at the time, and it is now around $5,000. Ultimately, the Mt.Gox exchange filed for bankruptcy in February 2014.

Five years later......

On March 20, 2019, the Tokyo District Court issued a report on the "Mt. Gox Incident". The creditor applied for compensation of 1,167,841.7 bitcoins, which the court found to be 938,476.2; applied for compensation of 1,363,351.4 bitcoins, and the court found 938,476.2; the value of the application for compensation was 1,706.6 billion yen, and the court found 10.2 billion yen. To pay the amount determined by the court, Mt.Gox has fallen into serious insolvency. For the victims of the Mentougou incident who have been waiting for five years, it seems that there will be an end.

secondary title

Asset protection, prevent problems before they happen

It is difficult to retrieve encrypted assets, and it is difficult to reach the sky. Some people are willing to give the city government 7.4 million pounds just to obtain permission to dig up the dump and retrieve the computer hard drive that stores Bitcoin information; some people find a hypnotist, hoping to evoke forgotten memories through hypnotherapy; Crack your own hardware wallet... The event mentioned here does not refer to being stolen or robbed, but refers to the Bitcoin owner losing the private key for various reasons.

It is very difficult to recover the private keys lost by oneself, not to mention the private keys stolen by hackers who have gone through layers of camouflage. In the world of encrypted assets, it is even more difficult to track down the manipulators behind the scenes, bring them to justice, and return the assets. Difficult. For some hackers, it is also very common to wait for the loser to be completely desperate after three to five years before cashing out the assets in the address.

Regarding the protection of personal assets, Kushen CTO Ye Fei has made it clear many times: the private key should not be stored online, and the private key should be kept in his own hands. First of all, you need to buy a hardware wallet of a regular brand, and secondly, the most important thing is to make a backup of the mnemonic, which cannot be saved on the computer or in the cloud disk. Lastly, the hardware wallet itself also needs to be taken care of.

Ye Fei believes that refusing to lose coins is the "kingly way" for exchanges, but there is little that can be done. In reality, hackers are also changing their attack strategies, from attacking the private key of the asset to attacking the database of the project party. The security prevention and control of the exchange database is relatively weak, and the exchange should strengthen risk control in the process of applying for withdrawals and issuing coins to ensure the safety of assets. The exchange must firmly control the asset storage and private key management, recharge, and coin withdrawal. At present, it is impossible to achieve technical perfection, and some institutional norms need to be used to reduce the risk of transactions.