Kipcoin Exchange Hack

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Revision as of 17:47, 25 January 2024 by Azoundria (talk | contribs) (30 minutes. All sources integrated. Started up timeline. Started to review blockchain addresses for available transactions and filled in the timeline with the transactions we found. These are very different than the actual data in the report.)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

KipCoin was a Chinese cryptocurrency exchange. In May 2014, a hacker managed to access the exchange's wallet.dat file, and in December 2014 they started withdrawing funds. The incident was finally widely reported in February 2015.

About KipCoin

The Chinese Bitcoin exchange Kipcoin is not as well known as Huobi and OKcoin, but it apparently had a lot of bitcoins to lose.

Website: kipcoin.com

The Reality

There is limited evidence that KipCoin had knowledge and ability for proper storage of funds. The operation lacked transparency, promised a high rate of return, and it is unclear whether funds were ever backed to begin with.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - Kipcoin Exchange Hack
Date Event Description
May 2014 Hacker Had Server Access “The hacker apparently gained access to Kipcoin’s server back in May and downloaded the wallet.dat file at that time. For months, according to Kipcoin, the hacker did nothing with the funds before beginning to move them in December 2014. It is not clear why the site didn’t secure its funds at that time.”
October 9th, 2014 8:56:21 AM MDT Blockchain Theft Transaction A blockchain transaction sends 188.09192282 BTC from the KipCoin exchange to one of the reported attacker wallets[1].
October 20th, 2014 1:39:39 AM MDT Blockchain Theft Transaction A blockchain transaction sends 141.40022366 BTC from the KipCoin exchange to one of the reported attacker wallets[2].
October 28th, 2014 6:55:42 AM MDT Blockchain Transfer Transaction A blockchain transaction sends 326.27886977 BTC, including 141.39396724 BTC from one of the reported attacker wallets to another wallet[3].
November 12th, 2014 2:38:15 AM MST Blockchain Transfer Transaction A blockchain transaction sends 188.09119789 BTC from one of the reported attacker wallets to another wallet[4].
November 12th, 2014 10:18:42 AM MST Blockchain Theft Transaction A blockchain transaction sends 20.02443561 BTC from the KipCoin exchange to one of the reported attacker wallets[5].
December 29th, 2014 4:11:59 AM MST Blockchain Transfer Transaction A blockchain transaction sends 20.02430419 BTC from one of the reported attacker wallets to another wallet[6].
December 2014 Funds Begin Moving “For months, according to Kipcoin, the hacker did nothing with the funds before beginning to move them in December 2014. It is not clear why the site didn’t secure its funds at that time.”
February 17th, 2015 1:51:39 PM MST CoinJournal Article Published CoinJournal reports that the Chinese Bitcoin exchange Kipcoin has suffered a hack, losing some or all of its users' bitcoins, totaling over 3,000 bitcoins, according to the translated announcement on its Weibo page[7][8]. The hack reportedly occurred in May when the attacker gained access to Kipcoin's server and downloaded the wallet.dat file. Although the hacker remained inactive until December 2014, it's unclear why the exchange did not secure its funds during this period. Kipcoin plans to come back online and allow withdrawals of other digital currencies it held, such as Litecoin and Dogecoin, with holdings in Yuan being safe. The exchange will collaborate with law enforcement to identify the hacker, but the process may be delayed due to the Chinese Spring Festival. Kipcoin indicated that the attackers left clues about their identities, and if the bitcoins are returned, they may consider lifting the complaint[7].

Technical Details

“The hacker apparently gained access to Kipcoin’s server back in May and downloaded the wallet.dat file at that time. For months, according to Kipcoin, the hacker did nothing with the funds before beginning to move them in December 2014. It is not clear why the site didn’t secure its funds at that time.”

Blockchain addresses belonging to the hacker[7]: 

1Chg6NxMeTcZ3DQvYA9gocjU4RQwH1LtKD
18zf9CWe4uBy8BesHU3BWqjpibDRRBoPLD
1MYkHXvnWuZ5FaMJkNv4uCLoVC2Ztp2DXK
152BSsbpcGMdj9WBGHq3wXHgJVuqQCs4aJ
16j131w3cvkdAc13sg5nREMiiJj3zoRw5n
16qHXy4RDeek56mNDN84d2F6niE96taQso
175L5Sx81dZZBureP8RtLUyUXoruVdAj1E
17ZJ1sqDRxq7oRVrnNLxoyrvHrtrjtPRfp
17amdMD8JJPcipWqUEwzEtsAuYu1FzkVtg
181qVdiaCcJmzGJV9PEobeYYnkC25PyJdT
18ncsALSWGWRG3JK6yio4PXoiWBbvxAxng
1XgAzaQEe9iDEohWCmdNXSH8XZ74uLBnd

TBD - process from fourth address onward above.

Total Amount Lost

The total amount lost has been estimated at $690,000 USD.

Immediate Reactions

“Another Chinese based exchange has apparently lost its user’s funds. The Chinese exchange announced that it lost some or all of its user’s bitcoins and will temporarily be shutting down.”


"In a statement the company released through the Chinese social media website Weibo, they mentioned that they will put all their services on hold temporarily. In this post, it was also mentioned that no Chinese Yuan were stolen from the accounts."

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

Ultimate Outcome

“The site says it will come back online and will then allow withdrawals of the other digital currencies it held: Litecoin and Dogecoin. Its holdings in Yuan are safe and will presumably be used to pay back users in Bitcoin eventually. Before that can be done however, the exchange says it needs to collaborate with law enforcement in finding the hacker.”

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

The hack was included in various lists including the SlowMist Zone[9], Kyle Gibson[10], and the BitcoinExchangeGuide[11] (TBD - fix source).

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

General Prevention Policies

Coming soon.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. Transfer Of 188.09192282 BTC To Attacker - Blockchain.com (Jan 25, 2024)
  2. Transfer of 141.40022366 BTC to Attacker Wallet - Blockchain.com (Jan 25, 2024)
  3. Transfer of 326.27886977 BTC from Attacker's Wallets - Blockchain.com (Jan 25, 2024)
  4. Transfer Of 188.09119789 BTC From Attacker - Blockchain.com (Jan 25, 2024)
  5. Transfer of 20.02443561 BTC From KipCoin to the Attacker's Wallet - Blockchain.com (Jan 25, 2024)
  6. Transfer of 20.02430419 BTC From Attacker's Wallet - Blockchain.com (Jan 25, 2024)
  7. 7.0 7.1 7.2 Chinese Exchange KipCoin Has Been Hacked - CoinJournal (Mar 14, 2020)
  8. Chinese Exchange KipCoin Has Been Hacked - CoinJournal Archive July 20th, 2020 2:49:13 PM MDT (Jan 25, 2024)
  9. SlowMist Hacked - SlowMist Zone (Jun 26, 2021)
  10. 100 Crypto Thefts: A Timeline of Hacks, Glitches, Exit Scams, and other Lost Cryptocurrency Incidents - Kyle Gibson Medium (Jan 25, 2020)
  11. Bitcoin Scams and Cryptocurrency Hacks List - BitcoinExchangeGuide.com (Mar 5, 2020)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Kipcoin_Exchange_Hack&oldid=5416"