Coinone Unauthorized Customer Withdrawal: Difference between revisions
No edit summary |
No edit summary |
||
| Line 1: | Line 1: | ||
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/coinoneunauthorizedcustomerwithdrawal.php}} | {{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/coinoneunauthorizedcustomerwithdrawal.php}} | ||
{{Unattributed | {{Unattributed Sources}} | ||
[[File:Coinone.jpg|thumb|Coinone]]On December 23rd, 2018, a Coinone customer account was breached, and all of their funds were successfully withdrawn by the attacker, despite a login from a foreign IP address and a withdrawal limit. The customer brought the Coinone exchange platform to court and successfully claimed against the withdrawal limit, while the remaining funds were not covered by the platform. | [[File:Coinone.jpg|thumb|Coinone]]On December 23rd, 2018, a Coinone customer account was breached, and all of their funds were successfully withdrawn by the attacker, despite a login from a foreign IP address and a withdrawal limit. The customer brought the Coinone exchange platform to court and successfully claimed against the withdrawal limit, while the remaining funds were not covered by the platform. | ||
This exchange or platform is based in South Korea, or the incident targeted people primarily in South Korea. | This exchange or platform is based in South Korea, or the incident targeted people primarily in South Korea.<ref name="coindesk-7160" /><ref name="coinone-7161" /><ref name="coinonecorp-7162" /><ref name="coinonecorp-7163" /><ref name="chosun-7164" /><ref name="youniversitytv-7677" /> | ||
<ref name="coindesk-7160" /><ref name="coinone-7161" /><ref name="coinonecorp-7162" /><ref name="coinonecorp-7163" /><ref name="chosun-7164" /><ref name="youniversitytv-7677" /> | |||
== About Coinone == | == About Coinone == | ||
| Line 83: | Line 82: | ||
!Description | !Description | ||
|- | |- | ||
|December 22nd, 2018 5:30:00 PM | |December 22nd, 2018 5:30:00 PM MST | ||
|Main Event | |Main Event | ||
|Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here. | |Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here. | ||
| Line 91: | Line 90: | ||
| | | | ||
|} | |} | ||
== Technical Details == | |||
This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited? | |||
== Total Amount Lost == | == Total Amount Lost == | ||
| Line 110: | Line 112: | ||
== Ongoing Developments == | == Ongoing Developments == | ||
What parts of this case are still remaining to be concluded? | What parts of this case are still remaining to be concluded? | ||
== Individual Prevention Policies == | |||
{{Prevention:Individuals:Placeholder}} | |||
{{Prevention:Individuals:End}} | |||
== Platform Prevention Policies == | |||
{{Prevention:Platforms:Placeholder}} | |||
{{Prevention:Platforms:End}} | |||
== Regulatory Prevention Policies == | |||
{{Prevention:Regulators:Placeholder}} | |||
{{Prevention:Regulators:End}} | |||
== References == | == References == | ||
Latest revision as of 12:56, 1 May 2023
Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' section to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.
Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!
On December 23rd, 2018, a Coinone customer account was breached, and all of their funds were successfully withdrawn by the attacker, despite a login from a foreign IP address and a withdrawal limit. The customer brought the Coinone exchange platform to court and successfully claimed against the withdrawal limit, while the remaining funds were not covered by the platform.
This exchange or platform is based in South Korea, or the incident targeted people primarily in South Korea.[1][2][3][4][5][6]
About Coinone
"Bringing Blockchain into the World." "Coinone is developing various businesses through blockchain, including Coinone Exchange, the largest virtual asset brokerage platform in Korea."
"Coinone Exchange, opened in October 2014, is a platform that allows you to buy/sell virtual assets such as Bitcoin and Ethereum. We prioritize the safety of customer assets and provide convenient and reliable services."
"We lead the trend of the domestic trading market by selectively listing valuable projects, and we are securing expertise by operating a dedicated blockchain research team. We provide virtual asset reports and monitoring reports for investors."
"Most suitable trading engine, Coinone core. The engine with convenient interface, and high-quality will help your exact trading." "It provides a trading service optimized for user convenience by providing an excellent UI/UX trading platform and price monitoring chart. Equipped with a security solution equivalent to the stock MTS, safe and rapid trading is possible, and an environment where trading can be done anytime, anywhere through the mobile app has been established."
"At Coinone, security is our top priority. We signed a cyber liability insurance for the first time in a domestic virtual asset exchange, periodically inspect structural security through professional security consulting, and strive to ensure the safety of customer assets through real-time risk monitoring through a 24-hour security control service."
"A Korean crypto exchange, Coinone, has been ordered to pay compensation for losses resulting from a hack of a customer account."
"While seen as precedent-setting, the ruling from the Seoul Southern District Court on Sept. 27 found Coinone only partly responsible and ordered an award far less than the damages the plaintiff had sought."
"According to an account of the case published in IT Chosun, the customer – identified only as Mr. A – joined the exchange in April 2017. As of November 2018, his holdings were valued at around 58 million won ($48,300). Most of the that was stolen on Dec. 23, and the customer was left with holdings valued at just 5,982 won."
"Mr. A had 9 cryptocurrencies, including 47.95 million won in cash and 27,100 EOS, in his account on the exchange after signing up for Coinone in April 2017 and until November 2018."
"Trades that led to the theft were conducted via an IP address in the Netherlands." "On December 23, 2018, at around 0:30 a.m., a hacker who accessed the Dutch VPN server IP used Mr. A's account password and individually issued Google OTP temporary number to dispose of the cryptocurrency in his account and then buy bitcoin. did. In this process, according to the Coinone policy, even though much more cryptocurrency was remitted than the withdrawal limit (20 million won) per day, the exchange did not restrict the withdrawal."
"The customer sued for 58 million won in losses, saying that the exchange should have blocked transactions from overseas and that it should have rejected any transfer request of more than 20 million won."
"The exchange has not set minimum safeguards," the plaintiff argued, according to the newspaper.
When filing a claim for damages against Coinone, Mr. A said, "The exchange did not set minimum safety measures such as blocking user access IP and other overseas IP access." Failure to do so is equivalent to default on the exchange’s debt.”
"Coinone, which according to CoinMarketCap data is the world's 70th largest exchange by reported volume, countered that it is not required to block foreign IP addresses. In terms of the 20 million won limit, it said that this threshold was only a government policy related to anti-money laundering and not a strict obligation to the customer." "It claimed that personal information was not leaked or stolen due to the exchange's negligence. In addition, he countered that the withdrawal limit was not considered a violation of the exchange obligation as it was made for the purpose of a separate government policy."
"The court agreed with most of what the exchange argued. It did not hold Coinone responsible for the hack itself, and it said that the exchange did not have to police transactions by IP address. It would only have to block an address if it knew beforehand that it was being used for illegal access to an account."
"But the court did say that the transfer limits need to be followed, as the 20 million won cap was set not only to prevent money laundering but also to protect customers from exchange failures. The court also determined that it is reasonable for customers to expect the limits to be in place and enforced. The plaintiff was awarded 25 million won."
"It is a mistake for the exchange to fail to meet the daily withdrawal limit," IT Chosun quoted the court as saying.
"The court ruled in favor of the plaintiff only in relation to the withdrawal limit measures." The court said, "It is the exchange's fault for not complying with the daily withdrawal limit without confirming that the exchange system has been hacked.”
"According to the cryptocurrency and legal circles on the 27th, the Seoul Southern District Court said, "The defendant (exchange) should pay 25 million won to the plaintiff (A) in a suit for damages worth 58.86 million won that Mr. A filed against Coinone, a cryptocurrency exchange." he judged. Previously, Mr. A had 9 types of cryptocurrencies and cash he had in his cryptocurrency exchange wallet stolen from outside hackers."
"While the customer only received partial compensation, the Korean press reports that the award is a first and that the decision suggests that exchanges can now be held responsible for some losses."
This exchange or platform is based in South Korea, or the incident targeted people primarily in South Korea.
The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.
Include:
- Known history of when and how the service was started.
- What problems does the company or service claim to solve?
- What marketing materials were used by the firm or business?
- Audits performed, and excerpts that may have been included.
- Business registration documents shown (fake or legitimate).
- How were people recruited to participate?
- Public warnings and announcements prior to the event.
Don't Include:
- Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
- Anything that wasn't reasonably knowable at the time of the event.
There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.
The Reality
This sections is included if a case involved deception or information that was unknown at the time. Examples include:
- When the service was actually started (if different than the "official story").
- Who actually ran a service and their own personal history.
- How the service was structured behind the scenes. (For example, there was no "trading bot".)
- Details of what audits reported and how vulnerabilities were missed during auditing.
What Happened
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
| Date | Event | Description |
|---|---|---|
| December 22nd, 2018 5:30:00 PM MST | Main Event | Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here. |
Technical Details
This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?
Total Amount Lost
The total amount lost has been estimated at $48,000 USD.
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?
Immediate Reactions
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?
Ultimate Outcome
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?
Total Amount Recovered
The total amount recovered has been estimated at $21,000 USD.
What funds were recovered? What funds were reimbursed for those affected users?
Ongoing Developments
What parts of this case are still remaining to be concluded?
Individual Prevention Policies
No specific policies for individual prevention have yet been identified in this case.
For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.
Platform Prevention Policies
Policies for platforms to take to prevent this situation have not yet been selected in this case.
For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.
Regulatory Prevention Policies
No specific regulatory policies have yet been identified in this case.
For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.
References
- ↑ South Korean Court Issues Landmark Decision on Crypto Exchange Hacking - CoinDesk (Mar 7, 2022)
- ↑ https://coinone.co.kr/ (Mar 13, 2022)
- ↑ 코인원(Coinone Corp) - 세상과 기술을 연결하다 (Mar 13, 2022)
- ↑ 코인원(Coinone Corp) - 세상과 기술을 연결하다 (Mar 13, 2022)
- ↑ 법원 "코인원, 2500만원 배상하라" - IT조선 > 기업 > 금융·핀테크 (Mar 13, 2022)
- ↑ Korean Self-regulatory Crypto Industry Body Under Question After 12 Crypto Exchanges Approved | YOUniversityTV (May 8, 2022)