New Data Reveals Shocking Facts of Cryptopia Hack, Estimated $16 Million Lost in Ethereum (ETH) and ERC-20 Tokens

On January 14, 2019, the New Zealand-based cryptocurrency exchange Cryptopia was hacked, marking the first time this year a cryptocurrency exchange has been hacked. Following the data breach, New Zealand authorities have been conducting an investigation, and the general public has been largely kept in the dark.

So Many Questions, So Little Answers… Until Now

No one knew how the theft took place, how much was lost, or the current status of the stolen funds.

However, while everyone was wondering these things, the Elementus data company used their Elementus query engine to analyze the public database that is the Ethereum blockchain.

What Elementus discovered is really quite shocking. Among other interesting facts: the dollar value of lost funds far outweighed what was initially thought, the type of hack conducted was highly unusual, and the amount of time allotted to carry out this hack is obscure.

If anyone is inclined to verify these conclusions for themselves, Elementus posted the raw data used in their analysis online.

An Estimated $16 Million in Ethereum (ETH) and ERC-20 Tokens Stolen

According to calculations, the total value of stolen Ethereum and ERC-20 tokens at current market prices equates to about $16 million.

The Elementus report notes that these funds only include what could be found on the Ethereum blockchain. The data company did not analyze the Bitcoin blockchain or any other blockchains to see if funds were stolen there as well.

The breakdown of assets stolen from largest to smallest can be seen below:

Oyster Pearl$1,948,223
Lisk ML$1,718,610
Other tokens$3,051,709

Where Are the Stolen Funds Now?

The hackers have been moving the funds around in small pieces, trying to sell them on various exchanges.

Crypto exchanges Binance, Bibox, Huobi, and HitBTC have seen the greatest number of deposits from the stolen funds, accounting for $810,000 of the $882,000 of stolen funds attempted to be sold.

As for the vast majority of remaining funds that haven’t been sent to exchanges, they remain in 2 wallets controlled by the hackers.

Why Was This Hack Unusual and How Was It Carried Out?

As mentioned earlier, the Cryptopia hack is highly unusual.

In most cases when an exchange is hacked, it is hacked due to smart contract exploits in which a vulnerability in the code is exploited to steal funds. This type of hack was seen in the Parity, the DAO, and SpankChain hacks.

Another popular type of hack is via unauthorized access to credentials in which someone inside or outside of the company gains access to a wallet’s private keys. This type of hack was seen in the Coinrail, Tether, and Gatecoin hacks.

As explained by Elementus, the Cryptopia hack differs from the hacks mentioned above in 2 ways, the first being:

The funds were taken from more than 76k different wallets, none of which were smart contracts. The thieves must have gained access to not one private key, but thousands of them.

The second way it differs is because the hack continued for nearly 5 days after Cryptopia noticed the breach:

After Cryptopia discovered the hack, they watched the funds continue to flow out of their wallets for four more days, seemingly powerless to stop it. As these wallets were not smart contracts, there should have been no technical complications preventing Cryptopia from securing the funds.

The only plausible explanation for Cryptopia’s inaction is that they no longer had access to their own wallets.

Therefore, Elementus explained that the only possible explanation is that Cryptopia must have had their private keys stored in a single server with no redundancy, allowing thieves to gain access to the server, download the private keys, and delete them so Cryptopia does not gain access to their own wallets.

Final Thoughts

Cryptopia’s funds and wallets have already been compromised, and the stolen funds are now in the hacker’s possession. The only thing left to do is to inform all Cryptopia users and make sure they are aware of the situation and do not deposit any more funds to the compromised wallets.

The next thing to be done is for crypto exchanges to block all of the illicit funds being sent to them, which Binance has already started doing. After all, everything is stored on the public blockchain and we know exactly where the stolen funds are and can track them wherever they go.

What do you think will happen to the $16 million worth of stolen funds? Will exchanges continue to freeze them as they come in? Or will the hackers find a way to anonymize the funds and sell them? Let us know what you think in the comment section below.


  • Tommie Smith
    Posted January 25, 2019 5:36 am 0Likes

    This is a joke. Cryptopia hasn’t updated any of their users in ten days. I guess 16 million isn’t a big deal to them cause I’m sure it was a inside job from the get go. Your telling me that they didn’t notice it after the first four days complete BULLSHIT. I want my money back.

  • Bart
    Posted January 25, 2019 10:18 am 0Likes

    So does this mean no BTC was stolen and only ETH and ETH based coins?

    • nathan
      Posted January 25, 2019 5:38 pm 0Likes

      I saw a comment somewhere about 392 btc has gone. But there is not a lot of news about that, So its probably not true

  • Harold
    Posted January 26, 2019 1:58 am 0Likes

    $16 million lost is enough to make Cryptopia bankrupt. They don’t generate that much in revenue in a year.
    They could haircut everyone based on deposits. And tell whoever had coins in the exchange that they’ll only receive 10 cents on the $1 (or similar). That’s a possibility. Mt Gox suffered a similar demise and haircuts are a way to spread the losses across all depositors. If they don’t do that, they can just force full losses on anyone with ETH / ERC20 deposits. Either way, Cryptopia is rekt.

  • jos lupi
    Posted January 26, 2019 2:54 am 0Likes

    this is bullshit,Cryptopia play hight play with members for long time, stolled coins is not problem for this exchange,still same answer for delisting ,people lose money all time that Cryptopia exist !now ,who have coins is only Cryptopia managers,and he just say Hackers !I lose in Cryptopia thousands $,for delisting ,walla and other fake !

  • tai
    Posted January 26, 2019 3:08 am 0Likes

    psychic tip said it was Russia who paid someone to do the job.

  • NC
    Posted January 26, 2019 4:50 am 0Likes

    so I understand Cryptopia is preventing and warning customers from depositing but how come when I go to the website all I get is the announcement and cant log in?

    • Mark
      Posted January 26, 2019 6:17 pm 0Likes

      Same question here…

  • Shahid
    Posted January 27, 2019 4:15 am 0Likes

    It’s inside job cryptopia sud pay bk to ppl is there responsibility to keep our coin safe but cryptopia fuckin fail in one of them in side job

Leave a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.