QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$7 000 000 USD
MARCH 2019
SINGAPORE
DRAGONEX
DESCRIPTION OF EVENTS
"DragonEX is a cryptocurrency exchange based in Singapore. It has been active since 2017." "Singapore-based DragonEx [is] one of the top 50 cryptocurrency exchanges by trading volume." "DragonEx is a trading platform for issuing cryptocurrencies. Provide safe and convenient digital asset trading services for new users and Chinese users.Dragon Net is also known as the Dragon Exchange. The English name is Dragonex, which is a digital currency trading platform registered in Singapore. The platform adopts a leading design pattern andissues Dragon Token (DT), which will distribute the commission income of the trading platform to all Dragoncoin holders according to the Dragon Coin holding ratio."
"Launched on 2 November 2017 in Singapore, DragonEx is a cryptocurrency exchange with an accumulative transaction volume of $25.5 billion. DragonEx is the pioneer of the transaction mining model, and 100% of trading commission income is promised to share with DT holders. Since DT was first launched on November 2nd, 2017, DragonEx has been shared $51 million dividends with DT holders. DragonEx is a community-driven exchange with over 300,000 KYC-verified users and aims to become the best community exchange. As of Jun 2019, there are over 18 wechat communities, 8 QQ Communities, and 2 telegram communities for DragonEx. DragonEx focuses on the Asian market but is expanding the oversea market. DragonEx has reached a deep cooperation with Bitfinex in August 2019."
"DragonEX is a cryptocurrency exchange / digital asset exchange based in Singapore. A DragonEX exchange review reveals that they serve the crypto community via no less than a 103 active markets. They also seem to provide trading access to various crypto-to-crypto currency pairs. The main currencies seem to include Tether (USDT), Bitcoin (BTC), Ethereum (ETH) and their own token, namely Dragon Token (Ticker symbol: DT)."
"DragonEX also seems to support the development of games based on blockchain technology. For example, they provide access to GoDice - a blockchain-based dice-betting game based that is fair and transparent. GoDice supports EOS, DT and USDT. A DragonEX exchange review also reveals that Dragon Token or DT is a dividend token based on the ERC20 token standard. DT holders qualify for a share of the total revenues generated via the DragonEX platform. It seems that the DT token can also be used to participate in the “DK Super Lotto” and in voting, both community voting and voting required when it comes to the listing of new projects and/or digital assets."
"In addition, it seems that Dragon Token has a max supply of 37,339,500 tokens (not considering the effect of burned tokens). A DragonEX exchange review also reveals that DT tokens can be obtained via direct exchange or via transaction fee mining at this crypto-asset exchange – a controversial “mining” activity as it encourages wash trades or wash trading."
"At the time of writing (UTC 12:04 PM) [on March 26th, 2019], the exchange is ranked as 25th by adjusted (38th by reported) trading volume (USD 183.4 million in the past 24 hours) on coinpaprika.com."
"DragonEX was subject to a hacker attack on 24 March. The hackers stole private keys and transferred assets from the exchange." "Dragonex, based in Singapore, reported on March 25 that hackers had stolen funds owned by both users and the company." "On March 24th, DragonEx has encountered attacks from hackers, our users’ crypto assets and Platform crypto assets were transferred and stolen. Part of the assets were retrieved back, and we will do our best to retrieve back the rest of stolen assets," the exchange said on its Telegram channel on Monday, adding that "all platform services will be closed and the accurate assets loss recovery situation will be announced in a week.
"On Sunday, apparently as the breach was first being discovered, DragonEx first took its platform offline saying it was upgrading its systems. Later the same day, it announced that it was “still working on system maintenance,” before finally disclosing that it had been hacked yesterday."
"As CryptoGlobe reported, DragonEx was hacked in March 2019, announced via Telegram that hackers managed to steal cryptocurrency belonging to both the cryptocurrency exchange and its users. The exchange quickly released all of the cryptocurrency wallets the funds, worth over $7 million at the time, moved to." “DragonEx via Telegram reported that part of the crypto taken has been transferred to unnamed major regulated digital exchanges, and hopes that the strict KYC rules would allow the team to garner help in recouping the stolen funds. If any measures were taken, it has not yet been publicly disclosed.”
"[T]he company said that the stolen assets from DragonEx were transferred to [multiple] addresses, which includes 20 digital assets, including bitcoin, ether, XRP, NEO, litecoin and others." "It’s estimated that the value of the funds stolen is around 7 million $"
"After tracking and investigation, DragonEx found that part of funds has flown into other exchanges. DragonEx has been working on retrieving back more assets and communicating with the leaders of those exchanges for more support," the exchange said in an update on their Telegram channel. "At the moment, the stolen assets transferred to Huobi and gate.io are blocked already," according to Long.
They claim that "several judicial administrations were informed about this cyber crime case including Estonia, Thailand, Singapore, Hong Kong etc. and we’re assisting policemen to do investigation." "DragonEx has asked several judicial administrations for assistance and has been keeping in touch for the update on the case. It’s a preliminary judgment that DragonEx is attacked by APT." "DragonEx has asked domestic and overseas policemen for help. The policemen has been investigating the case and searching for more evidence." "Police from Estonia, Thailand and Singapore are involved in the case."
"In order to get more assistance from more nodes, DragonEx has submitted the relevant materials to The EOSIO Core Arbitration Forum (ECAF) and found that until now, there has been about 450,000 EOS controlled by the hacker." "The admin added that stolen crypto assets transferred by the hackers to the Huobi and gate.io exchanges have already been blocked."
"DragonEx will take this lesson, upgrade the security level of the platform, cooperate with the third-party agency to do security supervision and audit, spare no effort to resume services after the Compensation Plan and Security Text are approved," it said without specifying.
"While the DragonEx hack was relatively small, it was notable for the lengths Lazarus Group went in order to infiltrate the exchange’s systems in a sophisticated phishing attack." "One of the attacks involved the creation of a fake, but realistic trading bot website that was offered to employees of DragonEx exchange." "The group used a sophisticated phishing attack where they created a realistic website and social media presence for a fake company named WFC Proof. The supposed company had created Worldbit-bot, a trading bot that was then offered to DragonEx employees."
"Though the software allegedly resembled an actual trading bot, it contained malware that could hijack the computer it infected. Eventually the software was installed on a machine that contained the private keys to DragonEx’s hot wallet, allowing the hackers to steal the funds. The attack is notable for its highly specific target and execution. The hackers appear to be very well versed in cryptocurrencies, even placing an ironic warning on its website to not let anyone access personal private keys."
"Now, DragonEx is negotiating a preliminary Compensation Plan that all assets stolen could be converted into credit and DT based on the actual assets loss." "For the loss caused to our users, DragonEx will take the responsibility no matter what," the company said. "[T]he company said it is working on "a preliminary Compensation plan."" "[S]tolen assets will be converted into USDT credit or Dragon Token (DT), the native token of the exchange, depending on preferences of the exchange's users, according to Joanne Long, Chief Information Officer at the exchange. Every day, 100% of the trading fees earned by DragonEx are distributed to users according to how much DT they hold, according to the website of the exchange."
"The company has also denied that it went bankrupt." "It’s a fake news that DragonEx has gone bankrupt. Actually, DragonEx established an incident response team to promptly work on investigation, security inspection, assets appraisal and audit, etc."
"With all supports and helps around the world, DragonEx feels grateful and more confident to overcome this hardship. DragonEx will continue to find the truth of the case and retrieve back those assets stolen. Meanwhile, DragonEx will take this lesson, upgrade the security level of the platform, cooperate with the third-party agency to do security supervision and audit, spare no effort to resume services after the Compensation Plan and Security Text are approved."
"The company’s executives wrote that after more than a year of hard work, the stolen assets have not been recovered." "In an official announcement on Oct. 21, DragonEx said that the OKEx freeze triggered a “crisis of trust” in centralized exchanges among its customers, which in turn fueled a run on funds and deteriorated the platform's service."
Singapore-based exchange DragonEx was breached through an elaborate corporate spearfishing attack, blamed on the North Korean Lazarus Group. This included creating a fake development company, and pitching the sale of a trading bot. This brought staff to download and install malware on their computers, which compromised all the hot wallets. The platform appears to be back online at the moment. Some reports indicated that some of the funds had been returned, and there was a later article with a compensation plan. It appears that DragonEx briefly shut off withdrawals on Oct 21st, which was blamed on the attack.
HOW COULD THIS HAVE BEEN PREVENTED?
While the most secure storage by far is a multi-signature wallet with all keys properly held by trained individuals, security of hot wallets can be improved by having additional experts review the security of systems. Our proposed framework sees 2 reviews prior to launch, and regular reviews on an ongoing basis. In the event of a breach, a comprehensive industry insurance fund would be available, which handles fraud and covers additional events beyond self-insurance.
Upbit Is the Seventh Major Crypto Exchange Hack of 2019 - CoinDesk (Feb 4)
Singapore-Based Crypto Exchange DragonEx Has Been Hacked - CoinDesk (Feb 6)
DragonEx Hacked: Users’ Crypto ‘Transferred and Stolen’ | CryptoGlobe (Feb 6)
DragonEx Announcements (Feb 7)
DragonEx Hack: USD 7 million in Crypto Stolen, Compensations in Sight (Feb 15)
DragonEx Was Hacked. Here’s What We Know So Far (Feb 8)
Q1 2019 Cryptocurrency Anti-Money Laundering Report - CipherTrace (Feb 20)
Most Significant Hacks of 2019 — New Record of Twelve in One Year (Feb 23)
A Look Back on Some of the Most Devastating Crypto Hacks | Fintech Singapore (Feb 27)
Bitcoin Scams and Cryptocurrency Hacks List - BitcoinExchangeGuide.com (Mar 5)
SlowMist Hacked - SlowMist Zone (Jun 26)
DragonEx Hacked, Investigation is Undergoing | NEWS.8BTC.COM (Aug 7)
Lazarus Hacker Group Continues to Target Crypto Using Faked Trading Software - Bitcoin Magazine: Bitcoin News, Articles, Charts, and Guides (Aug 8)
The 23 exchange hacks of 2019 (Aug 8)
https://dragonex.io/en-us/ (Dec 25)
Telegram: Contact @DragonEx_EN (Dec 26)
SlowMist Hacked - SlowMist Zone (May 18)
https://www.crunchbase.com/organization/dragonex (Dec 26)
DragonEX – Reviews, Trading Fees & Cryptos (2022) | Cryptowisser (Dec 26)
https://www.linkedin.com/company/dragonex-network/about/ (Dec 26)
DragonEx crypto exchange considering shutdown amid OKEx 'crisis of trust' (Dec 26)
DragonEx Review and Analysis: Is it safe or a scam? We've checked and verified! (Dec 26)
Singapore-Based Crypto Exchange DragonEx Has Been Hacked - CoinDesk (Dec 26)
Report: North Korean Hackers Created Realistic Trading Bot to Steal Money (Dec 26)
https://www.technologyreview.com/2020/01/24/276082/lazarus-group-dragonex-chainalysis/ (Dec 26)
