Roughly around two weeks ago, on January 14th, a cryptocurrency exchange called Cryptopia was attacked by an unknown hacker who supposedly managed to steal $2.5 million (19,391 ETH). After the attack, the exchange could not provide a lot of details due to an on-going investigation, and the stolen amount was not confirmed. However, the crypto community members discovered this large amount of ETH coins which was sent from the exchange to an unknown wallet.
The hacker returned after two weeks of being dormant
Yesterday, January 28th, a report published by the blockchain analytics company Elementus informed that the same hacker struck again, stealing additional 1,675 ETH ($180 K) from other Cryptopia wallets. After the first attack, there were many wallets believed to be compromised and at risk, although this also lacked confirmation. The new attack managed to steal funds from those, as well as other wallets. After the second attack, the combined number of compromised wallets has climbed to over 17,000.
The second attack reportedly started on Monday morning, Jan 28 at 6:59 AM, and it continued throughout the day.
Is it the same hacker?
Those who noticed that the funds were being moved on the exchange initially presumed that the exchange is securing the assets that remained after the first hack. However, later during the day, it was confirmed that the hacker caused the activity. The transfers stopped by 9:50 PM, after nearly 15 hours of activity. After that, the combined amount was moved to the same ETH address as the funds stolen in the previous hack:
Even after the first attack was made public, it appears that the exchange’s users continued to deposit funds into compromised wallets. Until the attacker is caught, it is possible that all the funds stored into Cryptopia wallets might end up stolen in a new attack.