Altsbit Hot Wallets Hacked: Difference between revisions
(Created page with "{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/altsbithotwalletshacked.php}} thumb|AltsbitAltsbit was a relatively new cryptocurrency exchange based in Italy, which had just recently rebranded and launched a new trading API. On February 5th, 2020, they found that their hot wallets containing the majority of user funds were emptied. Due to their use of commas instead of periods when reporting the totals, clost to half of me...") |
(Remove empty source 5676) |
||
| (2 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/altsbithotwalletshacked.php}} | {{Imported Case Study 2|source=https://www.quadrigainitiative.com/casestudy/altsbithotwalletshacked.php}} | ||
{{Unattributed Sources}} | |||
[[File:Altsbit.jpg|thumb|Altsbit]]Altsbit was a relatively new cryptocurrency exchange based in Italy, which had just recently rebranded and launched a new trading API. On February 5th, 2020, they found that their hot wallets containing the majority of user funds were emptied. Due to their use of commas instead of periods when reporting the totals, clost to half of media sources reported the loss incorrectly as over $70m. Others caught this issue and reported a loss in the range $63k-$70k. Actually this didn't include the losses of the ARRR (Pirate Chain), which were valued at $208,682.68, and VRSC (Verus Coin) valued at $36,147.36. Adding together bitcoin ($66,611.39), ethereum ($4,370.18), komodo/KMD ($761.76) and the above, losses were actually $316,943.37 USD based on close of market price on February 5th, 2020. | [[File:Altsbit.jpg|thumb|Altsbit]]Altsbit was a relatively new cryptocurrency exchange based in Italy, which had just recently rebranded and launched a new trading API. On February 5th, 2020, they found that their hot wallets containing the majority of user funds were emptied. Due to their use of commas instead of periods when reporting the totals, clost to half of media sources reported the loss incorrectly as over $70m. Others caught this issue and reported a loss in the range $63k-$70k. Actually this didn't include the losses of the ARRR (Pirate Chain), which were valued at $208,682.68, and VRSC (Verus Coin) valued at $36,147.36. Adding together bitcoin ($66,611.39), ethereum ($4,370.18), komodo/KMD ($761.76) and the above, losses were actually $316,943.37 USD based on close of market price on February 5th, 2020. | ||
| Line 5: | Line 6: | ||
The platform distributed the remaining funds ($452,067.03) to affected users proportional to what they held on the platform, and then promptly shut down. There is no indication that any further investigation or recovery was undertaken. News media remains reporting inaccurate figures. | The platform distributed the remaining funds ($452,067.03) to affected users proportional to what they held on the platform, and then promptly shut down. There is no indication that any further investigation or recovery was undertaken. News media remains reporting inaccurate figures. | ||
This exchange or platform is based in Italy, or the incident targeted people primarily in Italy. | This exchange or platform is based in Italy, or the incident targeted people primarily in Italy.<ref name="infosecuritymagazine-292" /><ref name="cryptomarkets-293" /><ref name="cryptowisser-294" /><ref name="cointelegraph-295" /><ref name="altsbit-296" /><ref name="coindesk-297" /><ref name="zdnet-298" /><ref name="bitcoininsider-299" /><ref name="bitcoinist-300" /><ref name="slowmisthacked-1160" /><ref name="blockthreat-2173" /><ref name="altsbitarchive-10112" /><ref name="altsbitexmediumarchive-10113" /><ref name="altsbittwitterarchive-10114" /><ref name="altsbittwitterarchive-10115" /><ref name="notsofasttwitter-10116" /><ref name="altsbittwitterarchive-10117" /><ref name="altsbittwitterarchive-10118" /><ref name="0xspuddytwitter-10119" /><ref name="altsbittwitterarchive-10120" /><ref name="altsbittwitterarchive-10121" /><ref name="altsbittwitterarchive-10122" /><ref name="altsbittwitterarchive-10123" /><ref name="altsbittwitterarchive-10124" /><ref name="altsbittwitterarchive-10125" /><ref name="altsbittwitterarchive-10126" /><ref name="altsbittwitterarchive-10127" /><ref name="altsbittwitterarchive-10128" /><ref name="altsbittwitterarchive-10129" /><ref name="altsbittwitterarchive-10130" /><ref name="altsbittwitterarchive-10131" /><ref name="altsbittwitterarchive-10132" /><ref name="redditarchive-10133" /><ref name="altsbittwitterarchive-10134" /><ref name="altsbittelegramarchive-10135" /><ref name="coindesk-10136" /><ref name="securityaffairs-10137" /><ref name="coinmarketcap-623" /><ref name="coinmarketcap-4651" /><ref name="coinmarketcap-10138" /><ref name="nomics-10139" /><ref name="coinmarketcap-10140" /> | ||
== About Altsbit == | == About Altsbit == | ||
| Line 53: | Line 54: | ||
Don't Include: | Don't Include: | ||
* Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed. | * Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed. | ||
* Anything that wasn't reasonably knowable at the time of the event. | * Anything that wasn't reasonably knowable at the time of the event. | ||
| Line 74: | Line 74: | ||
!Description | !Description | ||
|- | |- | ||
|February 6th, 2020 12:24:00 AM | |February 6th, 2020 12:24:00 AM MST | ||
| | |Main Event | ||
| | |Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here. | ||
|- | |- | ||
| | | | ||
| Line 86: | Line 82: | ||
| | | | ||
|} | |} | ||
== Technical Details == | |||
This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited? | |||
== Total Amount Lost == | == Total Amount Lost == | ||
The total amount lost | The total amount at risk has been estimated at $769,000 USD. The total amount lost has been estimated at $317,000 USD. | ||
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie? | How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie? | ||
| Line 99: | Line 98: | ||
== Total Amount Recovered == | == Total Amount Recovered == | ||
There do not appear to have been any funds recovered in this case. | |||
What funds were recovered? What funds were reimbursed for those affected users? | What funds were recovered? What funds were reimbursed for those affected users? | ||
| Line 105: | Line 104: | ||
== Ongoing Developments == | == Ongoing Developments == | ||
What parts of this case are still remaining to be concluded? | What parts of this case are still remaining to be concluded? | ||
== General Prevention Policies == | |||
The primary issue was the large portion of funds left in the exchange's hot wallets. While hot wallets serve to conveniently allow withdrawals, their online status makes them much harder to protect. For example, Altsbit left over 70% of their Ethereum in their hot wallet. A secure exchange would have all customer funds in offline multi-signature wallets and populate hot wallets only with exchange-owned assets. | |||
== Individual Prevention Policies == | |||
{{Prevention:Individuals:Placeholder}} | |||
{{Prevention:Individuals:End}} | |||
== Platform Prevention Policies == | |||
{{Prevention:Platforms:Placeholder}} | |||
== Prevention Policies == | {{Prevention:Platforms:End}} | ||
== Regulatory Prevention Policies == | |||
{{Prevention:Regulators:Placeholder}} | |||
{{Prevention:Regulators:End}} | |||
== References == | == References == | ||
[https://www.infosecurity-magazine.com/news/crypto-exchange-loses-almost-all/ Crypto Exchange Loses "Almost All Funds" in Hack - Infosecurity Magazine] (Mar | <references><ref name="infosecuritymagazine-292">[https://www.infosecurity-magazine.com/news/crypto-exchange-loses-almost-all/ Crypto Exchange Loses "Almost All Funds" in Hack - Infosecurity Magazine] (Mar 26, 2020)</ref> | ||
[https:// | <ref name="cryptomarkets-293">[https://crypto-markets.news/news/altsbit-hack/426 New Exchange Altsbit Reports Hack Shortly After Opening] (Mar 27, 2020)</ref> | ||
[https:// | <ref name="cryptowisser-294">[https://www.cryptowisser.com/exchange/altsbit/ Altsbit – Reviews, Fees & Cryptos (2020) | Cryptowisser] (Mar 27, 2020)</ref> | ||
[https:// | <ref name="cointelegraph-295">[https://cointelegraph.com/news/hacked-italian-exchange-altsbit-to-shut-down-in-may-2020 Hacked Italian Exchange Altsbit to Shut Down in May 2020] (Mar 27, 2020)</ref> | ||
[https:// | <ref name="altsbit-296">[https://altsbit.com/order?url=arrr-btc ARRR / BTC] (Mar 27, 2020)</ref> | ||
[https://www. | <ref name="coindesk-297">[https://www.coindesk.com/new-crypto-exchange-altsbit-says-it-will-close-following-hack New Crypto Exchange Altsbit Says It Will Close Following Hack - CoinDesk] (Mar 27, 2020)</ref> | ||
[https://www. | <ref name="zdnet-298">[https://www.zdnet.com/article/altsbit-says-hack-has-left-the-cryptocurrency-exchange-with-next-to-no-funds/ Altsbit plans exit after hack leaves cryptocurrency exchange out of pocket | ZDNet] (Mar 27, 2020)</ref> | ||
[https:// | <ref name="bitcoininsider-299">[https://www.bitcoininsider.org/article/82437/what-we-have-learned-altsbit-hack What We Have Learned From The Altsbit Hack | Bitcoin Insider] (Mar 27, 2020)</ref> | ||
[https:// | <ref name="bitcoinist-300">[https://bitcoinist.com/altsbit-crypto-exchange-gets-hacked-almost-all-funds-have-gone/ Altsbit Crypto Exchange Gets Hacked, 'Almost All Funds' Are Gone] (Mar 27, 2020)</ref> | ||
[https:// | <ref name="slowmisthacked-1160">[https://hacked.slowmist.io/en/?c=Exchange SlowMist Hacked - SlowMist Zone] (Jun 26, 2021)</ref> | ||
[https:// | <ref name="blockthreat-2173">[https://blockthreat.substack.com/p/blockthreat-2020-a-year-in-review No Title] (Aug 3, 2021)</ref> | ||
[https://web.archive.org/web/ | <ref name="altsbitarchive-10112">[https://web.archive.org/web/20200211001702/https://altsbit.com/order?url=dp-btc DP / BTC] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/ | <ref name="altsbitexmediumarchive-10113">[https://web.archive.org/web/20200211001745/https://medium.com/@altsbitex https://web.archive.org/web/20200211001745/https://medium.com/@altsbitex] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/ | <ref name="altsbittwitterarchive-10114">[https://web.archive.org/web/20191001123838/https://twitter.com/altsbit/status/1179008381996195840 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://twitter.com/ | <ref name="altsbittwitterarchive-10115">[https://web.archive.org/web/20200208130022/https://twitter.com/altsbit/status/1218175420891324416 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[ | <ref name="notsofasttwitter-10116">[https://twitter.com/notsofast/status/1225422035146416135 @notsofast Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/ | <ref name="altsbittwitterarchive-10117">[https://web.archive.org/web/20200316003056/https://twitter.com/altsbit/status/1225319347687653377 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://twitter.com/ | <ref name="altsbittwitterarchive-10118">[https://web.archive.org/web/20200211040053/https://twitter.com/altsbit/status/1225319527086514180 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[ | <ref name="0xspuddytwitter-10119">[https://twitter.com/0xSpuddy/status/1225424310799519744 @0xSpuddy Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/ | <ref name="altsbittwitterarchive-10120">[https://web.archive.org/web/20200210155107/https://twitter.com/altsbit/status/1226760228156452864 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/ | <ref name="altsbittwitterarchive-10121">[https://web.archive.org/web/20200209001010/https://twitter.com/altsbit/status/1226216820983705600 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/ | <ref name="altsbittwitterarchive-10122">[https://web.archive.org/web/20200209020956/https://twitter.com/altsbit/status/1225387638246510592 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/ | <ref name="altsbittwitterarchive-10123">[https://web.archive.org/web/20200209010653/https://twitter.com/altsbit/status/1225506138218811393 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/ | <ref name="altsbittwitterarchive-10124">[https://web.archive.org/web/20200208032113/https://twitter.com/altsbit/status/1225506140055883776 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[ ] ( | <ref name="altsbittwitterarchive-10125">[https://web.archive.org/web/20200208142846/https://twitter.com/altsbit/status/1225850217150504960 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/20200211011258/https://twitter.com/altsbit/status/1225851888706473984 @altsbit Twitter] (Dec 30) | <ref name="altsbittwitterarchive-10126">[https://web.archive.org/web/20200211011258/https://twitter.com/altsbit/status/1225851888706473984 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/20200208154936/https://twitter.com/altsbit/status/1225853906523185154 @altsbit Twitter] (Dec 30) | <ref name="altsbittwitterarchive-10127">[https://web.archive.org/web/20200208154936/https://twitter.com/altsbit/status/1225853906523185154 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/20200210202717/https://twitter.com/altsbit/status/1226201265593561089 @altsbit Twitter] (Dec 30) | <ref name="altsbittwitterarchive-10128">[https://web.archive.org/web/20200210202717/https://twitter.com/altsbit/status/1226201265593561089 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/20200209001220/https://twitter.com/altsbit/status/1226216816202174465 @altsbit Twitter] (Dec 30) | <ref name="altsbittwitterarchive-10129">[https://web.archive.org/web/20200209001220/https://twitter.com/altsbit/status/1226216816202174465 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/20200208222249/https://twitter.com/altsbit/status/1226216819272421376 @altsbit Twitter] (Dec 30) | <ref name="altsbittwitterarchive-10130">[https://web.archive.org/web/20200208222249/https://twitter.com/altsbit/status/1226216819272421376 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/20200208234819/https://twitter.com/altsbit/status/1226201263643254785 @altsbit Twitter] (Dec 30) | <ref name="altsbittwitterarchive-10131">[https://web.archive.org/web/20200208234819/https://twitter.com/altsbit/status/1226201263643254785 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/20200209174908/https://twitter.com/altsbit/status/1226546107137843200 @altsbit Twitter] (Dec 30) | <ref name="altsbittwitterarchive-10132">[https://web.archive.org/web/20200209174908/https://twitter.com/altsbit/status/1226546107137843200 @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/20200211001747/https://www.reddit.com/user/altsbit altsbit (u/altsbit) - Reddit] (Dec 30) | <ref name="redditarchive-10133">[https://web.archive.org/web/20200211001747/https://www.reddit.com/user/altsbit altsbit (u/altsbit) - Reddit] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/20200421223210/https://twitter.com/altsbit @altsbit Twitter] (Dec 30) | <ref name="altsbittwitterarchive-10134">[https://web.archive.org/web/20200421223210/https://twitter.com/altsbit @altsbit Twitter] (Dec 30, 2022)</ref> | ||
[https://web.archive.org/web/20200211001746/https://t.me/altsbit https://web.archive.org/web/20200211001746/https://t.me/altsbit] (Dec 30) | <ref name="altsbittelegramarchive-10135">[https://web.archive.org/web/20200211001746/https://t.me/altsbit https://web.archive.org/web/20200211001746/https://t.me/altsbit] (Dec 30, 2022)</ref> | ||
[https://www.coindesk.com/markets/2020/02/10/new-crypto-exchange-altsbit-says-it-will-close-following-hack/ New Crypto Exchange Altsbit Says It Will Close Following Hack - CoinDesk] (Dec 30) | <ref name="coindesk-10136">[https://www.coindesk.com/markets/2020/02/10/new-crypto-exchange-altsbit-says-it-will-close-following-hack/ New Crypto Exchange Altsbit Says It Will Close Following Hack - CoinDesk] (Dec 30, 2022)</ref> | ||
[https://securityaffairs.co/97622/cyber-crime/altsbit-exchange-hacked-exit.html The Altsbit exchange will exit in May following a hackSecurity Affairs] (Dec 30) | <ref name="securityaffairs-10137">[https://securityaffairs.co/97622/cyber-crime/altsbit-exchange-hacked-exit.html The Altsbit exchange will exit in May following a hackSecurity Affairs] (Dec 30, 2022)</ref> | ||
[https://coinmarketcap.com/currencies/bitcoin/historical-data/ Bitcoin price today, BTC live marketcap, chart, and info | CoinMarketCap] (May | <ref name="coinmarketcap-623">[https://coinmarketcap.com/currencies/bitcoin/historical-data/ Bitcoin price today, BTC live marketcap, chart, and info | CoinMarketCap] (May 16, 2021)</ref> | ||
[https://coinmarketcap.com/currencies/ethereum/historical-data/ https://coinmarketcap.com/currencies/ethereum/historical-data/] (Dec | <ref name="coinmarketcap-4651">[https://coinmarketcap.com/currencies/ethereum/historical-data/ https://coinmarketcap.com/currencies/ethereum/historical-data/] (Dec 21, 2021)</ref> | ||
[https://coinmarketcap.com/currencies/pirate-chain/historical-data/ Pirate Chain price today, ARRR to USD live, marketcap and chart | CoinMarketCap] (Dec 31) | <ref name="coinmarketcap-10138">[https://coinmarketcap.com/currencies/pirate-chain/historical-data/ Pirate Chain price today, ARRR to USD live, marketcap and chart | CoinMarketCap] (Dec 31, 2022)</ref> | ||
[https://nomics.com/assets/vrsc-verus-coin/history/11 Verus Coin Historical Data, VRSC Daily Open, Close & Volume Insights | Nomics] (Dec 31) | <ref name="nomics-10139">[https://nomics.com/assets/vrsc-verus-coin/history/11 Verus Coin Historical Data, VRSC Daily Open, Close & Volume Insights | Nomics] (Dec 31, 2022)</ref> | ||
[https://coinmarketcap.com/currencies/komodo/historical-data/ Komodo price today, KMD to USD live, marketcap and chart | CoinMarketCap] (Dec 31) | <ref name="coinmarketcap-10140">[https://coinmarketcap.com/currencies/komodo/historical-data/ Komodo price today, KMD to USD live, marketcap and chart | CoinMarketCap] (Dec 31, 2022)</ref></references> | ||
Latest revision as of 16:38, 12 March 2025
Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' and 'General Prevention' sections to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.
Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!
Altsbit was a relatively new cryptocurrency exchange based in Italy, which had just recently rebranded and launched a new trading API. On February 5th, 2020, they found that their hot wallets containing the majority of user funds were emptied. Due to their use of commas instead of periods when reporting the totals, clost to half of media sources reported the loss incorrectly as over $70m. Others caught this issue and reported a loss in the range $63k-$70k. Actually this didn't include the losses of the ARRR (Pirate Chain), which were valued at $208,682.68, and VRSC (Verus Coin) valued at $36,147.36. Adding together bitcoin ($66,611.39), ethereum ($4,370.18), komodo/KMD ($761.76) and the above, losses were actually $316,943.37 USD based on close of market price on February 5th, 2020.
The platform distributed the remaining funds ($452,067.03) to affected users proportional to what they held on the platform, and then promptly shut down. There is no indication that any further investigation or recovery was undertaken. News media remains reporting inaccurate figures.
This exchange or platform is based in Italy, or the incident targeted people primarily in Italy.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34][35][36][37][38][39][40][41][42]
About Altsbit
"Your reliable cryptocurrency partner." “Altsbit is a relatively new exchange based in Italy. It was previously known as DigitalPrice but it went through a name change to Altsbit to avoid confusion with a cryptocurrency bearing the same name.”
“Altsbit had only launched as a rebranded service … in October [2019], offering a "roadmap" that comprised a brief list of objectives with "Adding user security functions" coming in last as item number five.” "We have finished rebranding and now we would like to represent you the Roadmap for upcoming 2 months: Trading API, Work processes optimization and fastening, Zendesk update and extended knowledge base content, Deep interface update for Z addresses to eliminate deposits’ delay and to provide 100% processes stability" "We would like to thank @DigitalPriceOrg @KomodoPlatform, @Verus coin, [and] @PirateChain for informational support on rebrand."
"As at press time, Altsbit has a 24-hour trading volume of $14.8 million with 98% of its trading activity coming from the ARRR/BTC pair (ARRR is the native token of the Pirate Chain)." “A review of Altsbit from several weeks ago oddly made note of Altsbit's lax security and low liquidity and volume. In an almost prophetic move the review gave its security aspects an "F" rating.” “We run all the exchange-websites in Mozilla’s Observatory-test. The score in such test is one of many indicators of the exchange’s security. Altsbit received an F-score in this test.”
“Italian cryptocurrency Altsbit had only been around for a few months before it was hacked.” “The exchange operated under its new name Altsbit for only roughly five months until the hack earlier [on February 6th, 2020].” "On February 5, 2020 the exchange Altsbit suffered an attack by hackers[. I]n the attack unfortunately a certain quantity of coins were stolen from the platform."
"Dear users, Unfortunately we have to notify you with the fact that our exchange was hacked during the night and almost all funds from BTC, ETH, ARRR and VRSC were stolen. A small part of the funds are safe on cold wallets." "We are now on analysis of the amount of loss and technical issues of the hack. We will come back soon with more details."
“Initially, the exchange announced the hack stating that almost all funds had been stolen. After some more thorough research, it appears Altsbit only lost under half of the crypto it was storing.” “Approximately $70,000 worth of cryptocurrency was stolen.” "[The c]urrent verified losses are: BTC Lost 6,929 coins out of 14,782 - 7.853 will be returned to users. 53.10% (Refunded), ETH Lost 23,21 out of 32,262 - 9.052 will be returned to users. 28.06% (Refunded), ARRR Lost 3924082 out of 9619754 - 5695672 will be returned to users 59.20% (Refunded), VRSC Lost 414154 out of 852726 - 438572 will be returned to users 51.24% (Refunded), KMD Lost 1066 out of 48015 - 46949 will be returned to users. 97.77% (Refunded)." “The site said users who saw losses must apply for their partial refunds. The bitcoin and ether stolen were valued at around $63,000 at press time.” reported Coindesk initially, later 'correcting' "The bitcoin and ether stolen were valued at around $72.5 million at press time." CoinTelegraph reported Altsbit "losing about $70,000 in a hack" specifying "the hack caused Altsbit to have lost 6.929 Bitcoin, and 23 Ether, among losses in other cryptocurrencies such as Pirate Chain (ARRR), VerusCoin (VRSC) and and Komodo (KMD)." but not bothering to value any of the other coins.
"The refund process will begin 2020.02.09, we are working to complete the system so that it can go as smoothly as possible. Tomorrow we will announce instructions on how to claim your funds and after that the process will start."
"I definitely lost some $BTC on this. I was providing last-resort buy support on a few alts. I guess that's done." "I think I lost some pirate because I was on the fence about keeping it, and just lazily left it on there for a week. Sad day."
“Altsbit has announced that it only has enough funds to issue partial refunds, and that they will be closing their doors in May 2020.” "After a careful analysis we managed to understand the stolen quantities[. F]ortunately a good part of the coins were kept on cold storage[. T]hese coins will be returned to the users of Altsbit exchange[. N]ot having the possibility to [fully] compensate for these losses, [these coins] will be distributed among all users of the platform each coin will have its calculation based on the percentage that was saved during the attack." "User balances were updated in accordance with current situation described above." "After [completing a withdrawal request on the website,] your request will send to our support system and a copy sent to your email. Withdraw will done manually by our technical support specialists."
“Refunds will begin on February 10, 2020 and end on May 8, 2020, after this date it will no longer be possible to request a refund as the Altsbit platform will be terminated.” “We will refund whatever we are holding on cold storage to users and then the platform will close down.” "In terms of refund timing we will try to do as soon as possible at least for those coins that have a higher value, we understand your situation and market fluctuations, the refunds to be made are many and mostly manually so they take longer. We will do our best to complete this step asap." "Refunds will begin on February 10 2020 and end on May 8 2020, after this date it will no longer be possible to request a refund as the Altsbit platform will be terminated."
"In an email to Cointelegraph, an Altsbit spokesperson confirmed that the company’s decision to shut down services is final, noting that the exchange will partly reimburse its customers, stating, “We will refund whatever we are holding on cold storage to users and then the platform will close down.”"
"Please pay close attention to people who pretend to be Altsbit employees, who promise you various things. Be wary of these people. Do not give any information to anyone, just use ticket after creating the form. Altsbit employees will never ask for confidential information. Scammers will promise to repay the lost funds, pay close attention."
"All current users orders on the exchange have been closed, we have updated all users balance to match the correct percentage of coins that will be refunded. These calculations have been completed for BTC/VRSC/ETH/ARRR/KMD."
"Due to the fact that after the attack, the wallet was empty, bona fide users received aborted status for their BTC withdrawals. When calculating the losses and balances of users, this was not taken into account 0,51233823 BTC, 0.21475001 ETH (aborted withdrawals). These transactions will be canceled and added to balances of the owners. The global balance of BTC and Ethereum will be recalculated and accrued to all users of the new account given"
“Hacking group Lulzsec has claimed that they are responsible for the hack, though it is still unclear how they managed to pull it off.” Black-hat hacking group LulzSec appears to have claimed responsibility for the theft on its Twitter feed, saying: "We assure that @altsbit didn't had (sic) proper security to stop Lulz Canon. Many others to follow. Better Stack up the Security - Note to other Exchanges."
This exchange or platform is based in Italy, or the incident targeted people primarily in Italy.
The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.
Include:
- Known history of when and how the service was started.
- What problems does the company or service claim to solve?
- What marketing materials were used by the firm or business?
- Audits performed, and excerpts that may have been included.
- Business registration documents shown (fake or legitimate).
- How were people recruited to participate?
- Public warnings and announcements prior to the event.
Don't Include:
- Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
- Anything that wasn't reasonably knowable at the time of the event.
There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.
The Reality
This sections is included if a case involved deception or information that was unknown at the time. Examples include:
- When the service was actually started (if different than the "official story").
- Who actually ran a service and their own personal history.
- How the service was structured behind the scenes. (For example, there was no "trading bot".)
- Details of what audits reported and how vulnerabilities were missed during auditing.
What Happened
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
| Date | Event | Description |
|---|---|---|
| February 6th, 2020 12:24:00 AM MST | Main Event | Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here. |
Technical Details
This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?
Total Amount Lost
The total amount at risk has been estimated at $769,000 USD. The total amount lost has been estimated at $317,000 USD.
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?
Immediate Reactions
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?
Ultimate Outcome
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?
Total Amount Recovered
There do not appear to have been any funds recovered in this case.
What funds were recovered? What funds were reimbursed for those affected users?
Ongoing Developments
What parts of this case are still remaining to be concluded?
General Prevention Policies
The primary issue was the large portion of funds left in the exchange's hot wallets. While hot wallets serve to conveniently allow withdrawals, their online status makes them much harder to protect. For example, Altsbit left over 70% of their Ethereum in their hot wallet. A secure exchange would have all customer funds in offline multi-signature wallets and populate hot wallets only with exchange-owned assets.
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- ↑ Crypto Exchange Loses "Almost All Funds" in Hack - Infosecurity Magazine (Mar 26, 2020)
- ↑ New Exchange Altsbit Reports Hack Shortly After Opening (Mar 27, 2020)
- ↑ Altsbit – Reviews, Fees & Cryptos (2020) | Cryptowisser (Mar 27, 2020)
- ↑ Hacked Italian Exchange Altsbit to Shut Down in May 2020 (Mar 27, 2020)
- ↑ ARRR / BTC (Mar 27, 2020)
- ↑ New Crypto Exchange Altsbit Says It Will Close Following Hack - CoinDesk (Mar 27, 2020)
- ↑ Altsbit plans exit after hack leaves cryptocurrency exchange out of pocket | ZDNet (Mar 27, 2020)
- ↑ What We Have Learned From The Altsbit Hack | Bitcoin Insider (Mar 27, 2020)
- ↑ Altsbit Crypto Exchange Gets Hacked, 'Almost All Funds' Are Gone (Mar 27, 2020)
- ↑ SlowMist Hacked - SlowMist Zone (Jun 26, 2021)
- ↑ No Title (Aug 3, 2021)
- ↑ DP / BTC (Dec 30, 2022)
- ↑ https://web.archive.org/web/20200211001745/https://medium.com/@altsbitex (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @notsofast Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @0xSpuddy Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ altsbit (u/altsbit) - Reddit (Dec 30, 2022)
- ↑ @altsbit Twitter (Dec 30, 2022)
- ↑ https://web.archive.org/web/20200211001746/https://t.me/altsbit (Dec 30, 2022)
- ↑ New Crypto Exchange Altsbit Says It Will Close Following Hack - CoinDesk (Dec 30, 2022)
- ↑ The Altsbit exchange will exit in May following a hackSecurity Affairs (Dec 30, 2022)
- ↑ Bitcoin price today, BTC live marketcap, chart, and info | CoinMarketCap (May 16, 2021)
- ↑ https://coinmarketcap.com/currencies/ethereum/historical-data/ (Dec 21, 2021)
- ↑ Pirate Chain price today, ARRR to USD live, marketcap and chart | CoinMarketCap (Dec 31, 2022)
- ↑ Verus Coin Historical Data, VRSC Daily Open, Close & Volume Insights | Nomics (Dec 31, 2022)
- ↑ Komodo price today, KMD to USD live, marketcap and chart | CoinMarketCap (Dec 31, 2022)