Bithumb hack is an inside job


News broke this morning that Korean cryptocurrency exchange Bithumb had been hacked. The cryptocurrencies at the center of the hack are reported to be EOS and XRP and the hack targeted the cold storage devices of Bithumb.

Whenever an exchange is hacked the crypto community are quick to say “Bithumb hack is an inside job” and these claims are mostly unsubstantiated. Now it would appear that in this case it really is a case of “Bithumb hack is an inside job” as Bithumb have issued a press release on their website confirming this.

Bithumb hack is an inside job

Bitumb 30-03-2019:


This is Bithumb, the global cryptocurrency exchange.

We deeply apologize to our members for delaying the cryptocurrency deposit and withdrawal service, We would like to inform you of the circumstances of the grounds and confirm that your assets are safe.

About 10:15 pm on the 29th,  we detected abnormal withdrawal of the company’s cryptocurrency through Bithumb’s abnormal trading monitoring system. According to the company’s manual, Bithumb secured all the cryptocurrency from the detection time with a cold wallet and checked them by blocking deposit and withdrawal service. As a result of the inspection, it is judged that the incident is an accident involving insiders because the external intrusion path has not been revealed until now.

Based on the facts, we are conducting intensive investigations with KISA, Cyber ​​Police Agency and security companies. At the same time, we are working with major exchanges and foundations and expect to recover the loss of the cryptocurrency equivalent.

Bithumb exchange is certified ISMS and applied to multi-signature withdrawal scheme. We constantly monitor and block  external hacking. However, we apologize for any inconvenience this may have caused by insufficient control of our internal staff. Our members’ KRW deposit/withdrawal service is normally available, and we will do our best to secure the stability of the service and to resume as soon as possible. Specific resumption schedule will be announced through separate announcement.

Again, we apologize for any inconvenience you may have caused.

We will do our best to protect our member’s assets.


The terminology used in the press release is vague at best. Calling the breach and subsequent transfer of such high volumes of crypto to external addresses an “accident” is, in our opinion, somewhat understating the impact. The slightest whiff of a hack often has a significant impact on the global crypto markets, more often than not seeing the price of the coins involved to nose dive.

Obviously Bithumb need to proceed cautiously in order to allow law enforcement to do their work as per:

“Based on the facts,we are conducting intensive investigations with KISA, Cyber ​​Police Agency and security companies.”

As we have seen with the hack and investigation of the New Zealand based crypto exchange Cryptyopia these investigations take a lot of time. Perhaps with their quick admission of an inside job this investigation could be completed a lot sooner than in the case of an external hack?

Relevant news