Five cryptocurrency exchanges are grappling with security breaches or operational failures. Bter, HitBTC, and Exco.in have acknowledged hacks or halted customer withdrawals. CCDEK and ShapeShift.io ar
Five cryptocurrency exchanges are grappling with security breaches or operational failures. Bter, HitBTC, and Exco.in have acknowledged hacks or halted customer withdrawals. CCDEK and ShapeShift.io are managing separate technical problems.
Bter suffered the most severe breach. The exchange shut down entirely after a hacker drained 7,170 BTC from its cold wallet, equivalent to $1.75 million at current prices. The company posted a 770 BTC bounty for information leading to fund recovery. Whether the attacker breached a properly constructed cold wallet remains unclear.
This marks the second major incident for Bter. In a previous attack, the exchange lost over 50 million NXT tokens. Bter recovered most of that through negotiation but at significant BTC cost. The new breach appears more damaging and recovery prospects look dim. The exchange replaced its homepage with a text-only message detailing the transaction that moved the stolen funds.
Bter also faced scrutiny over the BitBay scandal, where the exchange stood accused of creating its own token and inflating its trading volume through false trading.
Exco.in launched recently under Blackwave Labs, which drew members from the Blackcoin community. The exchange disclosed that hackers accessed its systems and stole an unknown quantity of Bitcoin, NuBits, and NuShares. Exco.in identified the suspect as a user named 'ambriorx' and connected the attacker to DD4BC, a figure previously involved in breaches at Bitalo.com and Nitrogensports.eu. Roger Ver's bounty hunter site currently lists a 100 BTC reward for information leading to DD4BC's arrest.
Exco.in shut down deposits and pledged to liquidate all assets to compensate users. Samantha Chen, Exco.in's lead developer and a member of Blackwave Labs' board, resigned from her position.
HitBTC has not issued an official statement, but users report that the exchange blocked all withdrawals. The timing and circumstances surrounding Bter and Exco.in have fueled speculation that HitBTC faces a comparable breach.
CCDEK appears to be absorbing a distributed denial of service attack. DD4BC has employed DDoS tactics before, though his previous operations leaned on extortion against targets rather than direct Bitcoin theft.
ShapeShift.io experienced problems with its Bitcoin wallet, though no connection to the other incidents emerged. ShapeShift differs from the other exchanges: it does not hold customer funds. The platform executes instant conversions among different cryptocurrencies, maintaining reserves to facilitate trades but never taking custody of customer assets. This design makes ShapeShift a poor target for theft.
Because Bter, Exco.in, and CCDEK functioned as primary markets for NuBits and NuShares, ShapeShift halted NuBits transactions and suspended trading in BitUSD, a related pegged currency, as a precaution after the Bter hack.
NuBits showed the resilience of its price mechanism. Despite turmoil at major exchanges handling the token, NuBits recovered and trades within ten cents of $1.00. NuShares faces greater risk. Bter processed 86 percent of NuShares volume before the breach, so a significant portion of the token could be missing. Stakeholders vote on NuBits policy using NuShares, meaning a large loss of the currency could disrupt NuBits governance.
The situation is developing, with more details expected in coming days.
