South Korea: Five Local Bitcoin Exchanges Fail Security Test, Hacked With ‘Basic Tools’
South Korea’s MBC paid security firm to hack into exchanges in a cybersecurity demonstration. All five exchanges have allegedly failed the test.
South Korean media outlet MBC has hired a security firm to test the security setup of “five Korean Bitcoin exchanges,” including Bithumb. The company has allegedly been able to successfully hack into all five of the targeted platforms, receiving access to user data and funds.
As the network reports in an article, it published about its own exploits today, ‘hackers’ it hired circumvented security procedures using what it describes as “basic hacking tools.”
If true, the test underlines the fragmented nature of many users’ cryptocurrency exchange security settings, as well as the setups of exchanges themselves, as larger thefts continue to occur.
Just this week, South Korean exchange Youbit announced it was filing for bankruptcy after suffering two hacks this year, the second of which lost it 17 percent of its net assets.
It is unknown whether Youbit was one of the five exchanges targeted in MBC’s experiment, which saw security workers set up their own accounts which they then compromised. However, it is claimed that the country’s biggest exchange - Bithumb - was successfully hacked during the test.
Bithumb has itself fallen victim to major security breaches in recent months, malicious parties gaining access to both funds and sensitive user account data.
As part of the hacking, MBC’s proxies gained “user IDs and passwords” and even circumvented two-factor authentication.
“The wallet was penetrated without difficulty,” the article relates. “The key to your wallet, ID and password was exposed.”
Various theories have surfaced regarding South Korea’s exchange hacking issues, with North Korea increasingly suspected as a major perpetrator of cybercrime in order to amass cryptocurrency.
According to the report, MBC has “contacted the South Korean government” prior to publishing, to notify it about the critical security issues on the local exchanges. Official responses have yet to emerge about the MBC investigation.