N early 438 bitcoins worth over $3 Million dollars were stolen from a top exchange firm in India. This is the biggest cryptocurrency theft in the country so far.
Coinsecure, the Delhi-based cryptocurrency exchange claims that as the funds have been drawn off to a different wallet address and it is completely out of their control now. Senior officers of Delhi Police’s Cyber Cell confirmed the theft. A case has been registered under IPC section 66 of the IT Act.
What Actually Happened?
The company which has over two lakh clients across the country, told police that they got the news about the biggest crypto theft on Monday (9th April 2018) while going through all the crypto wallets. A senior security officer found that all the bitcoins that were stored offline had vanished. It was later found that the private keys and the passwords that are kept by the company were disclosed online that leads to the hack.
The company tried to trace the hackers, but at the end they found all the data logs of the affected wallets has been wiped out, leaving no traces about where the bitcoins were moved. Since then the website of the company has been shut.
On Thursday night, the company confirmed the hack to their users through a message posted on the website.
“We regret to inform you that our bitcoin funds have been exposed and seem to have been siphoned out to an address that is outside our control. Our system itself has never been compromised or hacked, and the current issue points towards losses caused during an exercise to extract bitcoins to distribute to our customers,” the company stated.
The Founder and CEO of Coinsecure Mohit Kalra told media that he suspects an insider’s involvement. He said that
“Private keys have never been exported online. It seems like an offense has been committed intentionally. We have shared our suspicions with the Cyber Cell and contacted experts to disclose the sources behind the hack and trace the stolen bitcoins.” He further added that even if funds are not recovered then his company is ready to pay from its own pocket for the damages to its clients.
The statement came from Delhi Police that the company’s servers have been seized to find out the extent of the system violation. It is also being checked if more wallets have been compromised. The senior security officer of the company has also been called in for the investigation.
The police found that not only where the private keys online; they were kept there for more than 12 hours. Police is also checking whether the infected malware is the reason behind the hack.
Coinsecure was one of the trusted names in the Indian cryptocurrency markets. Thousands of users were actively trading Bitcoins using the platform and they were also working on adding multi-coin support. The exchange recently launched applications for Android and iOS operating systems. However, following this incident, the future of Coinsecure hangs in the balance.
This news comes against the backdrop of the latest RBI announcement, giving Indian banks a period of 3 months to cease all relationships with Cryptocurrency investors and exchanges. Some say that this hack is an exit strategy, following in the footsteps of Mt Gox to get liquidated. Despite all the uncertainty, it will be better to wait and watch to see how these events turn out.