UNKNOWN

JULY 2021

CAYMAN ISLANDS

BITMART

DESCRIPTION OF EVENTS

"Our mission is to provide simple and secure crypto products and services. Whether you are an individual or an institution, we want to help you buy, sell, and store your cryptocurrency. Our vision is to bring cryptocurrency available to everyone everywhere, we believe, the decentralized digital currency will reshape the global economic fundamentally, such financial freedom would bring further economic innovation, efficiency, and equality to the world. But it won’t happen unless we build simple, and secure products for individuals and institutions around the world to discover and interact with this new frontier."

 

"Our professional team members come from Amazon, Accenture, Tencent, Alibaba, and other top-tier tech firms. We unite together and built a more cost-efficient and user-friendly financial platform to involve every individual all over the world. The team has grown by leaps spanning the global mission to accelerate the world to a highly efficient global financial system."

 

"Trust, as of the fundamental of the financial system, and the core to the decentralized token economy. We fully understand all the challenges that the cryptocurrency ecosystem is facing to, hence we are committed into compliance, reliability, security, customer care, and deliver the seamless user experience to build the trust. As a global exchange platform, we hope the halo of digital assets can benefit every investor. It is our vision to provide an environment with smooth accessibility and suitable entry barrier for every potential investor, making the digital assets significant. No matter for entry-level traders or professional investors, BitMart provides several finely tailored services, including listing numerous top-grade digital assets for our clients to invest and success, providing an industrial developer platform for advanced traders, and customizing the best-fit assets management solution for institutions of all sizes."

 

"A series of block reorganization attacks geared towards double spending directed at the BSV network occurred on June 24 and on July 1, 6 and 9, 2021." "On July 8, 2021 BSV chain had reports of an ongoing 51% attack. The attack was reported to be coming from a miner going by the name ZULUPool."

 

"As part of regular monitoring of the network by the Bitcoin SV Infrastructure Team, the Association has been made aware of an illegal attack against the Bitcoin SV network. A malicious actor has recently been carrying out block re-organisation attacks on the Bitcoin SV network, which appear to be intentional acts in an effort to mask the illegal double-spending of coins."

 

"The Bitcoin SV Infrastructure Team have identified one of the addresses connected with the attack (1G47mSr3oANXMafVrR8UC4pzV7FEAzo3r9) as being long associated with ransomware and other attacks on the BTC, BCH and BSV chains – so the malicious actor is engaged in illegal activity which could involve also BTC and BCH, and not just the BSV network."

 

"At this stage, neither Bitcoin Association nor the Bitcoin SV Infrastructure Team can confirm the exact identity or identities of the attackers. The malicious party is carrying out their attacks under the ‘Zulupool’ moniker. We do not believe that the malicious actor is the same ‘Zulupool’ that has long been associated with the Hathor miner of the same name. Instead, we believe the attacker is impersonating ‘Zulupool’."

 

"[T]o date, neither Bitcoin Association, nor the Bitcoin SV Infrastructure Team, nor any exchanges with whom we are in contact, have received any reports of anyone claiming to be a victim of a double spend."

 

"Over a dozen blocks are being reorgd & up to 3 versions of the chain being mined simultaneously across pools."

 

"To invalidate the fraudulent chain, node operators should run the following command on their #BitcoinSV node: bitcoin-cli invalidateblock 000000000000000003B67AEC95E9B5DA897EB5EBF3227D5A6A67835104367840"

 

"Bitcoin Association has been made aware that digital asset exchange Bitmart has claimed that the attacker has used its exchange to deposit ‘fake’ BSV from the double-spend attack and trade them for other coins; the attacker was then able to move some of these fraudulently acquired to other exchanges. On July 23, Bitmart filed a legal action for injunctive relief in the U.S. District Court for the Southern District of New York seeking to prevent the attacker(s) from further transferring traded coins from Bitmart’s exchange accounts and asking for third-party exchanges to freeze traded coins they received from the attacker."

 

"Since the malicious nature of the re-orgs on the Bitcoin SV network were identified following the July 6 attacks, the Bitcoin SV Infrastructure Team have taken action to both help protect the network and collect evidence of the illegal activity. This information is being collated and shared at regular intervals with Bitcoin Association’s legal team. Bitcoin Association’s representatives have already started to contact relevant law enforcement authorities. Bitcoin Association is also preparing to submit criminal complaints in one or more relevant jurisdictions; its affected constituents may also initiate proceedings independently."

 

"In addition, Bitcoin Association believes an exchange will be adequately insulated from any negative impact of attacks if it: 1) actively monitors the blockchain for block re-orgs; and 2) as an interim protective measure, maintains or extends to at least 20 the number of block confirmations required before BSV deposits are considered valid. We believe this provides sufficient protection against the block reorg attacks. We do not believe exchanges need to completely halt all deposit, withdrawal and trading activity associated with BSV coins. However, Bitcoin Association can only act in an advisory capacity in this instance, as exchanges are independent and will act according to their own procedures and tolerances in such events."

 

"The owner of the crypto exchange Bitmart has filed a bid for pre-arbitration injunctive relief to prevent Chinese hackers from making illicit transfers using fraudulent Bitcoin SV (BSV) on its platform."

 

"According to a Monday report, GBM Global Holdings, Bitmart’s owner, filed its bid with a New York federal judge, despite the fraudulent activities taking place largely out of state. The company has argued that the Southern District Court of New York nonetheless has jurisdiction over 'fraudulent or manipulative acts with foreseeable effects in New York' and is therefore requesting that the judge intervene before the hackers are able to sell the illicit crypto on the open market."

 

"The heavily redacted bid reportedly claims that the funds will be significantly harder to recover on behalf of affected users if there is no intervention. Bitmart claims that the hackers defrauded a minimum of 43 of its users in the United States by minting fraudulent BSV in violation of the U.S. Commodities and Exchange Act."

 

"Defendants are foreign, impossible-to-identify hackers intent on fraud, there is almost no likelihood that they would pay a damage award. Short of receiving an injunction of already-identified, fraud-begotten cryptocurrency, there is no way for Petitioner to secure ultimate recovery."

 

"The Bitcoin SV network remains safe to use and is operating as it usually would. However, in the short term, Bitcoin Association recommends only sending and receiving BSV between identified parties where possible. When transacting with unknown or untrusted parties, for an interim period, we advise waiting for at least 20 block confirmations before considering the transaction safe and settled."

 

"Bitmart sought an injunction in the U.S. and, while the jurisdiction was not entirely obvious, Judge Alison J. Nathan ruled in favor of the exchange after the defendants failed to respond to the plea. This means that accounts and the BSV tokens within them will be retained by the exchange, who will presumably freeze or destroy them given that their reintroduction into the system would affect the BSV supply."

 

The "U.S. District Court judge has ruled that, for the time being, BSV tokens that arrived on the Bitmart platform following a 51% attack on the blockchain cannot be moved. Bitmart had petitioned that the coins, which were moved to their platform and mostly sold by the Russian hackers, should not be released to them given their illegal origin. 51% attacks can result in recent transactions being undone and coins being spent over again, known as ‘double spending’. Proof-of-work coins are susceptible to 51% attacks if they don’t have the requisite amount of decentralization in their mining profile, or the hashrate is so low it can be easily overcome."

 

"Bitmart was able to pinpoint at least 43 of its users that had been damaged by the activities of the BSV chain attackers and froze 92 accounts, and the remaining BSV within them, they found to be associated with the illegal activity."

Bitmart operates a large crypto-asset exchange platform, which includes BSV. On BSV, there are well documented and regular 51% attacks, which occur due to a lack of mining power. Securing against a 51% attack generally consists of implementing a large enough number of confirmations before a deposit is accepted. Bitmart did not secure themselves properly, and suffered from the attack.

 

As a result, Bitmart applied to the New York court to allow themselves to adjust and penalize international customers at their discretion. The Bitcoin Association, a key influencing group over th BSV blockchain, then split the chain into 3 separate chains by requesting that miners reject the first block associated with the double spend.

 

The end result is chaos, with exchange users, miners, and BSV users suffering arbitrary losses, depending on their exact course of decisions through the time period. Exchange users suffer losses if they purchase the fraudulent coins and are mischaracterized as being part of the attack. Miners suffer losses if they pick the wrong branch to mine on. BSV users suffer losses if their payments are cancelled or altered by the block reorganization.

HOW COULD THIS HAVE BEEN PREVENTED?

51% attacks are generally defended against by requiring a large number of confirmations before a deposit is accepted.

 

Check Our Framework For Safe Secure Exchange Platforms

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.