loses 50m tokens in mysterious cold wallet theft

The Deerstalkers come out as Swiss crypto exchange suffers intriguing ‘hack’.While, to any observer of the cryptocurrency industry, the news that the exchange was hacked for around $11m of its own Trade Token (TIO) crypto over the weekend will not necessarily come as a surprise, the nature of how it was take will no-doubt lift a few eyebrows skywards. That’s because, according to a blog by Jim Preissler, the Swiss blockchain company’s CEO, the 50 million TIO stash the thief made off with was lifted from one of his company’s cold wallets.

In a story that reads something like a classic, Sherlock Holmes-esque, ‘locked room’ mystery, Priessler’s post outlines how at just after lunchtime Saturday (GMT), the security team were alerted to the movement of its ERC-20-derived tokes from a cold wallet; some of this stash of TIO can then be traced to two exchanges – Kucoin and Bancor – where around $200,000 worth of them were traded. The company insists however, that neither the cold storage wallet (probably a USB drive or similar crypto storage device not connected to the internet), or the bank-based safety deposit box in which it is stored, were compromised prior to the theft.

Trading in TIO has now been suspended via’s own markets as well as the two other exchanges mentioned. However, the statement by the company makes a point to say that attempts to contact and HitBTC in order to negotiate similar suspensions there has been met with silence. Indeed, as the board of prepares to meet today (Monday) to discuss forking the cryptocurrency in order to render the 50m TIO taken worthless, it is warning holders of its crypto that any coins bought in TIO trades made after 0840am EST on Saturday via the two unresponsive exchanges would not be eligible for the fork., which raised about $50 million dollars through the Trade Token ICO back in late 2017, will continue with operations as normal, save for the suspension of its TIO markets, while it works out a game-plan for the coming days. Indeed, with the tokens – which were the part of the exchange’s liquidity pool, a pot of crypto kept by the exchange from its own and customer deposits in order to support trading – now effectively in limbo and the losses likely limited, attention will no-doubt turn to exactly how this was done.

Providing’s assertion that its storage was industry standard, and followed to “to a ’T’”, is true it appears that the most likely scenario for this is that what has happened was an inside job. Indeed, in his Medium post – Priessier made allusions to the idea that what has transpired could be some kind of industrial espionage to damage the exchange. His accusation – repeated in a Reddit thread on the matter – was that:

“It’s obvious that given the positive momentum that has seen in the past month, it is now a major focal point of competitors, and we guarantee you we will not submit to their malicious actions. We have the strongest community in crypto, and we assure you we will end up stronger as a result of actions like these and any such attacks in the future.”

While that’s undoubtedly an interesting PR spin, and a step-up from the focus being on how is run, only time will tell exactly how this interesting heist was pulled off. Ultimately, whoever instigated it, it’s still hard to see beyond the management of the site for responsibility – with the likelihood being that either staff or systems were compromised.

Custodial storage of large amounts of crypto, of course, has been an ongoing theme of late 2018 that has seen multiple companies enter the space. BitGo recently became the first regulated entity to offer custody. Several others have introduced similar facilities, or are planning to, in the near future – offering insured storage for crypto assets. One of the latest is UK-based G4s, which is currently turning its expertise in storing cash, to cold storing crypto.

There are no-doubt lessons to be learned from down the line.

Comments are closed.