Singaporean-based cryptocurrency exchange DragonEx has officially warned its users that it has gone through a hack, this is not the first time crypto exchanges get hacked. The announcement was made on the exchange’s Telegram Channel on March 25th.
Per the official release, the hackers managed to steal both users’ and platform crypto assets on March 24th. Purportedly, the breach was identified immediately, which allowed the exchange to retrieve some of the assets.
According to a channel administrator on behalf of DragonEX Telegram, the exchange will take responsibility in any case. He also revealed that the appropriate authorities have already been informed of the case.
Part of the assets were retrieved back, and we will do our best to retrieve back the rest of stolen assets. Several Judicial administrations were informed about this cyber crime case including Estonia, Thailand, Singapore, Hong Kong etc. and we’re assisting policemen to do investigation. All platform services will be closed and the accurate assets loss recovery situation will be announced in a week.
A Call to Help
Going further, another admin from the DragonEx exchange’s English Telegram channel identified a total of 20 wallet addresses to which the assets subject of the attack are believed to have been moved. Each one of them is seemingly corresponding to a different cryptocurrency, hence comprising 20 addresses for 20 unique digital assets, including EOS, Ripple, Bitcoin, Litecoin, and so forth.
Apart from that, the admin has called “fellow” exchanges to help with the investigation and the subsequent freezing of the stolen assets.
After investigation, the stolen assets from DragonEx were transferred to the following address, we earnestly request help from all our fellow exchanges and other industry strength, please help us to investigate and traced the assets, freeze them and stop the assets flow. – Reads the announcement.
Changpeng Zhao, CEO at Binance, the world’s leading cryptocurrency exchange, has leaned in on the issue, outlining that Binance hasn’t received “much funds” from DragonEx-associated addresses.
He also said that their systems are able “to identify most external exchange addresses.”
A few guys asked about DragonEx funds.
As always, @binance will freeze any identify-able stolen funds. Here is a snippet of a chart produced by our internal big-date risk mgnt system yesterday. Not much funds have came to Binance this time around. Hackers learn.
— CZ Binance (@cz_binance) March 27, 2019
Can Hackers Get Away Despite Heavy KYC Requirements of Most Exchanges?
One of the pressing points to address is whether or not hackers would be able to get away with the stolen funds now that most reliable cryptocurrency exchanges have implemented particularly scrutinous Know-Your-Customer (KYC) requirements.
Binance, for example, requires an ID and Address verification, while also featuring a facial recognition real-time software. In other words, they know your ID number, as well as your address and how you look like at the time you’re verifying your account.
Now, we also know that they’ve implemented strong address identification systems, allowing them to “identify most external exchange addresses.”
Hence, it would be increasingly hard for someone to move stolen funds through KYC-compliant cryptocurrency exchange without getting caught.
The other logical alternative for hackers remains over-the-counter (OTC) trades. However, unless they have a ready-made market for their stolen crypto, this is also going to be rather challenging. A lot of the OTC trading platforms also have KYC requirements. LocalBitcoins, for example, recently announced that they have implemented new policies in order to comply with AML regulations.
Of course, it’s important to note that Binance is just one of many cryptocurrency exchanges, and not all of them are so scrutinous about their security. This has proven to be especially true recently, as yet another cryptocurrency exchange got hacked in January – New Zealand’s Cryptopia.