Cryptocurrency platforms have been prone to hacks throughout the years. Over the past 24 months, we have seen cybercriminals double down on their efforts to infiltrate such platforms and steal as much money as possible. In the case of Coincube, it seems a big heist took place not long ago. Its database was compromised, allowing an attacker to drain large sums of money. It was a very unfortunate incident, although it remains to be seen if the victims will be reimbursed.
COINCUBE SUFFERS MAJOR DATA BREACH
For readers who are not familiar with the Coincube platform, allow us to explain it briefly. Coincube is an investment platform which mainly focuses on index-based cryptocurrency investing. Users can pick the coins they wish to trade, and the Coincube team will take care of the trading. Users remain in control of their funds at all times, which makes concepts like this one rather appealing. For now, the service is in closed beta, and it is a bit unclear when it will be opened to the public.
It is perhaps a good thing that this service is not open to the public just yet. According to an email sent to platform users, Coincube’s database was breached by an unknown assailant, but the number of victims was limited to just two accounts. One of those users is Coincube’s CEO, Robert Allen.
It is unclear who the other affected user is, nor do we know how much money was drained from these accounts, although the email claims it is “a large sum”. The assailant successfully gained access to the platform’s database and used API keys to log into specific user accounts. This may have been a targeted attack, although that has not been officially confirmed by the Coincube team at this point. All users are asked to delete any API keys connected to this platform and to generate fresh ones.
According to the email, the assailant gained access to these accounts in order to place large limit orders. By setting the price very close to zero, they quickly dumped through the entire order book to ensure the users’ available funds were drained quickly. Even though some money was lost in the process, it does show there was a clear intent to cause financial harm to owners of the affected Coincube accounts. It’s a very troublesome development, although it’s not the first of its kind.
So far, the Coincube team has performed a security audit and ensured its database is fully secure once again. Generating new API keys should not result in any issues, although users have been asked to implement IP address whitelisting as an additional security measure. Surprisingly, this is not possible on Bitfinex or HitBTC, which is somewhat worrisome. By using this whitelisting approach, only authorized Coincube trades will be performed on behalf of the user.
Considering that one of the affected users was the platform’s CEO, it is doubtful he will be reimbursed. The other account in question, however, is a different matter altogether. Although the email doesn’t mention any reimbursement, the company will have to undertake some action in this regard. For now, all users have received is an apology for the database breach, but that may not satisfy everyone. It will be interesting to see whether this hack affects the future of Coincube as a company.