Japan-based cryptocurrency exchange Bitpoint has become the latest to lose tens of millions of dollars in a cyber-attack.
The firm said it was forced on Friday to stop all services — including withdrawals, deposits, payments, and new account openings — while it investigated the incident. It has also notified the relevant authorities in Japan.
Hackers managed to steal funds not only from the firm’s hot wallets, but also its offline cold wallets. After first detecting an error in Ripple remittances, Bitpoint said it realized it had been the victim of a cyber-attack. It then took another three hours before the firm realized the attack also compromised funds stored in Bitcoin, Bitcoin Cash, Litecoin, and Ethereal.
A total of around 3.5 billion yen ($32 million) had been stolen, most ($23m) of which were customer-owned funds. The remainder belonged to Bitpoint, but it’s not clear at this stage whether the firm is planning to reimburse its customers.
The firm is the latest in a long line of cryptocurrency exchanges to come under the scrutiny of cyber-criminals. Last year, two Japanese exchanges were hit: Zaif lost 6.7bn yen ($60m) after hackers stole it from a hot wallet, while Coincheck lost 500m NEM tokens worth $530m at the time.
Just last month, Singaporean cryptocurrency exchange Bitrue was estimated to have lost around $4.5m in funds after hackers breached a hot wallet and moved the funds to other exchanges. A month previous, hackers stole in the region of $41m from Binance in a single hot wallet transaction.
In most incidents, at least the majority of stolen money is returned to customers.
Last month, Europol convened a meeting of cryptocurrency experts at its HQ in the Hague in a bid to share best practice and build partnerships to improve policing of digital crimes.