Five South Korean cryptocurrency exchanges fail basic security tests

A security firm was able to use basic tools to hack into five popular South Korean cryptocurrency exchange platforms.
Ali Raza

Published on Dec 23, 2017 06:41 By Ali Raza

The South Korean news outlet, MBC, recently contracted the services of a local cybersecurity firm in order to test the security protocols and measures of five prominent South Korean cryptocurrency exchange platforms, including Bithumb. MBC reported that the security firm successfully hacked into all five exchanges and managed to gain access to its funds and user information. The article notes that the cybersecurity firm used only the most basic hacking techniques and tools to evade security detection methods from the chosen exchanges.

This experiment emphasizes the frailty of the major cryptocurrency exchange platforms, especially in the wake of major hacks which continues to threaten the industry’s reputation and ability to continue operations. Earlier this week, the South Korea-based exchange, Youbit, declared bankruptcy following its second hack within eight months in which the company lost 17% of its total net assets.

It is still unclear whether Youbit was one of the chosen exchanges for the MBC experiment. In the experiment, researchers from the cybersecurity firm set up accounts and then hacked into their own accounts. The researchers successfully hacked the biggest South Korean exchange, Bithumb.

Bithumb, one of the world’s most prominent crypto exchanges, has experienced major data and security breaches in the last few months, as hackers managed to gain access to both their funds and userbase information. According to MBC, their security team managed to gain access to user login credentials and successfully hack their way past two-factor authentication techniques. The article notes that wallets were easily compromised, as well as users’ private key, password, and ID.

Several cybersecurity firms and governmental agencies have claimed that North Korea was to blame for South Korea’s latest increase in cryptocurrency-related hacks. Theories have emerged which suggests that North Korean state-sponsored hackers are stealing cryptocurrency so that the country can circumvent financial sanctions.

MBC noted that they have contacted the local South Korean law authorities regarding the security flaws. No official comment has been made by any involved cryptocurrency exchange platform, or law enforcement authorities.