Site icon Sophos News

DragonEx exchange hacked, smoking ashes being raked over

The DragonEx cryptocurrency exchange announced that it was hacked In the small hours of Sunday morning.

It’s managed to retrieve some of its customers’ funds; it’s got the address for a Bittrex account that gobbled up at least some of the loot; it’s asking for its “fellow exchange” to freeze that account; it’s got cyber-cops from Estonia, Thailand, Singapore and Hong Kong on the case; and so please, everybody, just go away for a week and stop clamoring for your money back.

We don’t know how much is gone, but we swear, we’ll make good on this, said the DragonEx team – and the team at every other looted exchange ever, except, that is, for the exchange that promised (almost) nothing when it exit-scammed.

In its official Telegram account, DragonEx promised:

For the loss caused to our users, DragonEx will take the responsibility no matter what.

DragonEx first took its platform offline on Sunday (apparently at the time it was first discovering the breach) saying that it was upgrading its system. Later that day, it announced that it was “still working on system maintenance,” before finally disclosing on Monday that it had been hacked. From Monday’s Telegram announcement:

Part of the assets were retrieved back, and we will do our best to retrieve back the rest of stolen assets.

Joanne Long, an admin of that official DragonEx Telegram account, said that the team has been able to identify where the stolen funds have wandered off to. Namely, some of them turned up in an account at Bittrex, which is a US-based cryptocurrency exchange headquartered in Seattle, Washington.

It could be that some of the funds have been restored because DragonEx asked fellow exchange Bittrex to freeze the wallets that got stuffed with the stolen funds.

As it is, DragonEx identified a list of 20 cryptocurrency accounts used by the hackers to move the stolen funds from the exchange, and the company told investors that it’s cooperating with other exchanges to recover users’ funds.

On that list are what Coindesk says are the top five cryptocurrencies by market capitalization: bitcoin (BTC), ether (ETH), XRP, litecoin (LTC) and EOS, as well as the tether stablecoin (USDT), represented by six destination addresses.

How trustworthy is/was DragonEx?

Here’s hoping that investors eventually get their money back. If not, are there lessons to be learned?

You could look at reviews, but I wouldn’t bet my Frappuccino money on the results. One review of DragonEx gave it a security score of B- (which is quite good, as far as exchanges go) based on Mozilla’s Observatory website scanner… a rating which, as of Tuesday, had dropped to an F.

Unfortunately, all of this leads us to reiterate what we’ve said before, and it isn’t particularly comforting. Namely, a cryptocurrency exchange is Just Another Website and therefore unaffected by the magical un-crackability of cryptocurrency crypto.

Cryptocurrency exchanges are websites where such currencies are bought, sold and stored. For Bitcoin and its ilk, they’re a soft and vulnerable underbelly. Like “the cloud,” an “exchange” is just another name for “somebody else’s computer.” You know next to nothing about the quality of that computer, or the ethics of the person operating it.

DragonEx was around for seven years before it got hacked. That’s 49 in dog years and an epoch in exchange years. Let’s hope this dragon rises from the ashes. And yes, that’s a phoenix metaphor, but what matters is that it (hopefully) manages to cough up everybody’s funds.

On the optimistic side, its admins are sticking around and answering questions: that’s a good sign, given all of the exchanges that have gone up in smoke, their teams quietly slipping out the fire exits and leaving investors scratching their heads and shaking their fists.

Exit mobile version