by Robert DeVoe
The South Korean digital currency exchange Youbit has announced that they will be ceasing all operations and shutting down the service. The cease operation comes as a result of the second hack to target the company in 2017. The first hack, which occurred back in April, resulted in the loss of 4,000 bitcoin. The first hack on the country’s second largest exchange has also been tied to North Korea.
Youbit Targeted Again
The second hack to successfully target the company reportedly managed to extract 17 percent of the funds contained within the site. As a result, the company has declared bankruptcy and halted all trading activity. While promising to return as much money as possible to traders, the site admitted that the balances of every account had been cut by 25 percent.
Explicitly, a notice on the official website stated that “in order to minimize the damage to our members, we will arrange for the withdrawal of approximately 75 percent of the balance at 4:00 a.m. on Dec 19, The rest of the unpaid portion will be paid after the final settlement is completed.”
This kind of customer balance skimming has happened before. In August 2016, attackers hacked Bitfinex for $65 million of cryptocurrency. As a result, all account holders lost 36 percent of their account balances. They referred to this as making the losses “generalized” or spread out across all account holders.
For years now, cryptocurrency enthusiasts have been repeating the mantra that one should not keep funds on an exchange. Moreover, users should not use an exchange as a wallet. While many are likely to heed this advice, scores of new investors are joining the cryptocurrency field at such high speed that there are bound to be those who miss out on these bits of critical advice.
Andreas Antonopoulos, Bitcoin evangelist and in many ways the voice of the modern movement often states that it is of critical importance to maintain control over your private keys. Private keys are what allows someone to use or spend bitcoin or another cryptocurrency.
Antonopoulos often says: “If you control your keys, it’s your bitcoin. If you don’t control the keys, it’s not your bitcoin.”
Cryptocurrency exchanges make ripe targets for hackers as they often keep funds stored on what are called “hot wallets.” That being, an account or folder that stores the private keys in such a way that they are connected to the internet.
Other exchanges like Poloniex make promises to keep the vast majority of their funds in so-called cold storage. Specifically, the “vast majority of customer deposits are stored offline in air-gapped cold storage. We only keep enough online to facilitate active trading, which greatly minimizes risk and exposure.”
This way, even if the exchange is attacked, the amount a successful hacker could steal would be significantly reduced.
It should be noted, however, that Poloniex was also successfully hacked back in 2014, and lost 12.3 percent of its bitcoin supply.