Beijing time on March 24th morning, DragonEx trading wallet suffered hacking, resulting in more than 20 kinds of digital assets and user platform stolen.
According to the analysis of the PeckShield security team, the DragonEx digital asset exchange lost about $6 million 20 thousand worth of digital assets, and has about $930 thousand into the digital asset exchange, at present there are digital assets worth $about 5000000 in the hands of the hands of a hacker. The DragonEx of a non head exchange, is definitely not a small loss.
According to the center of the platform vulnerabilities DVP tracking analysis, which involved a large amount of the assets of USDT, ABBC, EOS, BTC, ETH, USDT were about 1464319 pieces (currently $1 million 460 thousand), ABBC stolen about 6274251 pieces (currently $1 million 240 thousand), EOS stolen about 205392 pieces (currently $750 thousand), BTC stolen about 135 pieces (currently $530 thousand), ETH stolen about 2737 pieces (currently worth about 370 thousand dollars).
DragonEx is a Singapore virtual currency trading platform, we used to call “dragon”, was founded in October 2017. On the same day on-line distribution platform (DT) dragon coin coin. Dragon net had its first study on the transaction mode is mining and dividends investors know, May 2018 also had FCoin trading after mining the fire again dug up by the media reports, the dragon net also among the top 20 stock exchange trading volume. According to the latest CoinMarketCap data, dragon network currently ranked 31.
3 month 26 days, dragon net in its official telegraph group said, have verified the multiple currency stolen memory address, including 3194 ETC, 64120.65 XEM, 100 BCHABC, 46 BCHABC, 12 BTC. According to the Dragon Network 3 April 27 latest official website announcement, has been with the most exchange global relationship, synchronization of relevant information. And now Estonia, Thailand, Singapore, Hongkong and other administrative judicial organs alarm record, to assist the police in investigating actively.
But some users of microblogging seems the dragon network hacker attacks doubt that dragon net want to run away, “without any notice disclosure, we’ll tell you who the letter ah ~ it was stolen, if it is stolen, why not the hacker attacks the details announced.”
At this point, the daily planet Odaily to the dragon network related staff to verify the following statement: “got each other these days because of the need to tackle the related things busy, temporarily no time for an interview, the follow-up will collate information, published in the media, feel shy.” Odaily Daily Planet reporter contacted the relevant staff of a number of long nets, each other are not convenient to accept an interview to respond.
The latest announcement shows that the Dragon had recovered some digital assets, but did not disclose the details of recovery, also has not given any loss of assets of investors paid countermeasures, just say “dragon net will continue to suspend trading charge provided all the basic services, the platform will be announced within a week of asset loss and recovery situation.”
PeckShield security personnel, the preliminary results showed that the probability of a hacker to steal the wallet or illegally obtained API private key exchange server access, then the implementation of digital asset transfer batch. The specific implementation of the hackers stealing coins and money laundering can be divided into two stages:
Stealing coins occurred in 03 stages: 24 August 1 a.m. to 8 a.m., the hacker will exchange belongs to BTC, ETH, EOS and so on more than 20 currency assets transferred to the personal account, complete the transfer of assets to steal;
Wash coins: beginning in the 03 stage since Sept. 26, as of now, hackers have digital assets worth $929162 to various exchanges, is likely to have been sold, the remaining 5099121 associated account most of the money is still the attacker, further into the exchange may, the parties need to jointly implement fund closure.
According to the analysis of slow fog security team on the chain of information, DragonEx has multiple USDT false recharge attacks, and be successful currency transfer, causing huge loss of USDT. DragonEx released from the attacker address analysis, 20 currencies were all stolen (but there are some well-known DragonEx trading currency has not been released), attacking the currency from the chain behavior attack techniques are not exactly the same, the duration of the attack at least 1 days, but this can cause a large area steal the results, at least we can infer that the attacker took DragonEx as much as possible access control mechanism of DragonEx serious lack of wind.
Hackers steal money exchange is generally divided into “fake prepaid” and “traditional vulnerability access server control” of the two cases, but the DVP found that the wallet is stolen money, DragonEx exchange to receive recharge wallet have been looted, this is definitely not a value through a loophole which can cause the more likely the exchange is hacked wallet server, the private key and a private key exchange hot wallet recharge the wallet to complete the reception. Prior to this, DVP has received three vulnerabilities DragonEx exchange.
Block chain of big data service providers Chaindigg market partner Zhu Yajun on the daily planet Odaily said, “money lost in that range, we guess that the trading platform server received hacker attacks, but what is the specific vulnerability now do not say.” Chaindigg tracked dragon net lost USDT to bittrex, the main stream of money, full of money, the husband of gate exchange.
“From money laundering, hackers or prepared, there is no single on an exchange process, after some transactions. The dragon net, following is the biggest problem with other exchanges. According to our understanding, at present they are actively communicate with the exchange team. So how to exchange together to jointly resist the hacker behavior I think is to solve this kind of problem is a very important way.” Zhu Yajun analysis.
It is understood that some of the ETH currently dragon net has been lost to money, but the money according to the ANN co-founder of a pair of Odaily where the daily planet that has an currency standard procedure for this type of all stolen, if it is a direct transfer of money, security can be frozen, if repeated transfer cannot prove that law enforcement agencies need to provide for the timely investigation letter; provide job information, to provide the corresponding proof of security coins can be frozen, but if you can not provide relevant information, safety does not have permission to freeze the user free currency assets.
The DragonEX exchange stolen security incident, hackers within a short period of time will be a mainstream digital currency exchange in almost all of all transferred, followed by the other digital currency exchange funds input funds confused, smooth out.
However, at present most of the stolen assets still control in the hands of hackers, including the exchange of community parties according to the hacker account transaction real-time warning, assist the security company of stolen assets and lock closure, help the injured users to reduce loss of digital assets as much as possible.