CryptoRush Hack

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Revision as of 12:46, 1 March 2024 by Azoundria (talk | contribs) (Another 30 minutes complete. About section split apart. Added a screenshot and logo from the website. Integrated information from the about and FAQ sections of the site. Started review/integration of Pastebin source.)

Notice: This page is a new case study and some aspects have not been fully researched. Some sections may be incomplete or reflect inaccuracies present in initial sources. Please check the References at the bottom for further information and perform your own additional assessment. Please feel free to contribute by adding any missing information or sources you come across. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

CryptoRush Logo/Homepage

The primary issue appears to have been numerous exploits in the various altcoin withdrawal processes, which CryptoRush handled through hot wallets. This seems to stem from the service having been coded quickly over a few short months.

This exchange or platform is based in the United States, or the incident targeted people primarily in the United States.[1][2][3][4][5]

About CryptoRush

While CryptoRush used a .in extension[6] which is the country code of India, the exchange was actually based in the United States. CryptoRush appears to favour small alternate currencies, and was aiming to be a top cryptocurrency exchange[7]. The founder was reportedly named Kristian, while the other team members were reportedly named Matt and Chris, who joined after beta[7].

Crypto Rush strives to help give all coins a chance. We aim to be at the top of the crypto currency exchanges as we grow, we offer low fees compared to other exchanges. We also want to give new coins a chance and have a low cost system to help get coins in. When a coin goes down, users will be automatically alerted via twitter and e-mail and the markets suspended to secure your coins! Thank you for using Crypto Rush!

Crypto Rush started by the owner Kristian in 2014 was originally to be just one market. But soon evolved into more, and even more. Matt joined the team fairly soon into development as co-owner, within a fortnight the basis was written from the ground up with security in mind.

When beta launched, Chris joined the team and helped increase productivity with his skillset.

The Frequently Asked Questions (FAQ) page for Crypto Rush offers valuable information for users encountering various issues while using the platform. It addresses common login and activation problems, advises users to use their email address for authentication, and offers manual activation assistance if necessary. The FAQ also covers issues related to negative balances after placing orders, attributing them to rounding errors and assuring users that they usually resolve automatically within 30 minutes. For discrepancies in order fulfillment, users are encouraged to contact support for investigation and can review their transaction history for clarity. Regarding deposit recognition delays, the FAQ explains the process and encourages users to verify deposits on the blockchain while providing a manual update option. It also assures users of the platform's security measures and offers assistance for any redirection issues.[8]

Furthermore, the FAQ lists supported coins on the platform, providing users with comprehensive information about the available cryptocurrencies for trading. It clarifies the fees charged by Crypto Rush, including buying and selling fees, withdrawal fees, and fees for accepting new coins, aiming to offer competitive rates and superior service. Additionally, the FAQ explains the varying withdrawal fees for different coins, attributing them to both platform fees and network transaction fees. It also addresses users' inquiries about purchasing coins directly from Crypto Rush, emphasizing that while plans exist, this feature is not currently available. Moreover, the FAQ reassures users about the safety of their coins, detailing the platform's security measures and separate storage for wallets. Lastly, it explains the trading engine's limitations, such as the trade rate matching and order fulfillment process, while offering guidance on resolving balance discrepancies caused by sync issues.[8]

The Reality

Every coin supported increases the attack surface against a platform, since an issue in one coin could inflate the user's balance and allow them to trade against other coins.

Signs of limited experience were visible from the FAQ page of CryptoRush.in itself[8].

  • A FAQ entry reported on an outstanding issue with negative balances, which had not been corrected, and suggested the possibility that users might have even larger negative balances. Negative balances suggest a vulnerability in the platform, which could be exploited for further loss[8].
  • A FAQ entry mentioned that using email addresses was more secure than using usernames. It is not clear how this is the case, since many exploits can start from the user's email address being compromised, and taking over an account through its recovery process often begins with obtaining access to recovery points such as the email address. There is likely to be a similar number of breaches of username/password combinations as of email/password combinations for users who reuse passwords. The only case where this could be useful is if the username is publicly visible on the platform itself, and it's not clear whether or not this is the case[8].
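
The two points above (one coin's inflated balance being tradable against every other coin, and negative balances being left uncorrected) can be made concrete with a per-coin solvency audit. This is an added sketch, not CryptoRush's code, which does not appear on this page; the ledger, wallet holdings, market list, user names and the ALT and DOGE coins are constructed for illustration.

```python
# Added illustration; LEDGER, HOLDINGS, MARKETS and all names are constructed.
# Amounts are integers in each coin's smallest unit, so no rounding can occur.
LEDGER = {
    "alice":   {"BTC": 150_000_000, "DOGE": 500},
    "bob":     {"BTC": 50_000_000, "LTC": 900_000_000},
    "mallory": {"LTC": -25_000_000, "ALT": 10_000_000_000},
}
HOLDINGS = {"BTC": 200_000_000, "LTC": 875_000_000, "ALT": 1_000_000_000, "DOGE": 500}
MARKETS = [("LTC", "BTC"), ("ALT", "BTC"), ("DOGE", "BTC")]


def audit(ledger, holdings):
    """Return {coin: [reasons]} for each coin that fails a solvency check."""
    findings, owed = {}, {}
    for user, balances in ledger.items():
        for coin, amount in balances.items():
            owed[coin] = owed.get(coin, 0) + amount
            if amount < 0:  # a negative balance offsets real liabilities in the sum
                findings.setdefault(coin, []).append(f"negative balance: {user}")
    for coin, total in owed.items():
        held = holdings.get(coin, 0)
        if total > held:  # users are owed more than the wallet contains
            findings.setdefault(coin, []).append(f"owed {total} > held {held}")
    return findings


def open_markets(markets, findings):
    """Keep a market open only if neither of its coins was flagged."""
    return [m for m in markets if m[0] not in findings and m[1] not in findings]


def debit(ledger, user, coin, amount):
    """Debit a balance, refusing any request that would take it below zero."""
    if not isinstance(amount, int) or amount <= 0:
        raise ValueError("amount must be a positive integer")
    balance = ledger.get(user, {}).get(coin, 0)
    if amount > balance:
        raise ValueError("insufficient funds")
    ledger[user][coin] = balance - amount
    return ledger[user][coin]


if __name__ == "__main__":
    flagged = audit(LEDGER, HOLDINGS)
    print(flagged)
    print(open_markets(MARKETS, flagged))
```

In the sample data the LTC totals reconcile exactly with the wallet, so only the per-account check catches the negative balance; the ALT totals fail outright, and both markets are suspended before the bad balance can be traded into BTC.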

What Happened

The CryptoRush platform was exploited, with the attacker managing to withdraw 950 BTC and 2500 LTC.

Key Event Timeline - CryptoRush Hack

| Date | Event | Description |
| --- | --- | --- |
| March 11th, 2014 | Date Widely Cited | The date of the incident as reported by sources including Kyle Gibson[1]. |
| March 26th, 2014 5:02:01 AM MDT | Insider Information Leak | A CCN article sheds visibility into the lack of funds in the CryptoRush exchange platform[9]. A support worker at CryptoRush, named DogeyMcDoge, has leaked inside information regarding the exchange's troubles. This leak sheds light on the challenges faced by CryptoRush in the past month, including two hacking incidents and unorthodox methods to recover losses. Despite attempts to reassure users with solutions like CryptoRushShares, transparency issues persisted, leading to insolvency. DogeyMcDoge's confession has been confirmed by CryptoRush's administrators, who announced an official statement forthcoming. Meanwhile, CryptoRush has appointed a new CEO and promised to reimburse stolen funds. However, doubts linger about the exchange's ability to address its issues effectively[9]. |
| May 9th, 2021 11:22:00 AM MDT | PasteBin Information Censored | The PasteBin information about this case is removed from the site[10]. |

Technical Details

[11]

https://www.ccn.com/cryptorush-support-worker-leaks-inside-info

Total Amount Lost

Losses were reportedly up to 950 BTC[1] and 2500 LTC[4].

The total amount lost has been estimated at $800,000 USD[1].

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?


"The guilt was starting to build up inside of me. I answered very few tickets the week of the 16th. I was conflicted, but I worked at my full time job >40 hours that week, so it kept my mind off of things a little. The issues continued. I kept suggesting ways we could maybe get some BTC back, arbitrage, etc. We didn’t even have enough funds for that. I wanted so bad for the exchange to stay afloat, thinking “Maybe tomorrow will bring us back our volume!” But alas, the problems with Zeit, and BTC withdrawals killed our volume. There was no coming back."

The issue was featured on several lists including Kyle Gibson[1], and the Idex Blog[4].

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

The exchange issued a “Debt Management Plan” which outlined plans and potential refunds for victims[4].

Ongoing Developments

What parts of this case are still remaining to be concluded?

General Prevention Policies

Coming soon.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References