Coinrail, a South Korea based cryptocurrency exchange, announced on Sunday that its platform was attacked by hackers, with some sources saying that it lost cryptocurrencies as much as $40 million in the hack.
The exchange has already suspended services after it experienced what it names a “cyber intrusion,” in which various ERC-20 based tokens were stolen from the platform, according to its website.
However, Coinrail just revealed the names of some of the tokens that were lost in the alleged hack without stating exactly how much was lost. Among the stolen tokens were: the NPXS token from the Pundi X project, ATC from Aston and the NPER project’s NPER token.
Pundi X posted on their blog on Sunday that suggested that the hacker may have taken around 1,927 ethers, 2.6 billion NPXS, 93 million ATX and 831 million DENT coins, as well as substantial quantities of six other tokens.
These assets total up to $40 million when the hack occurred and since then, the sum went down to around $30 million when the article was written, according to data provided from CoinMarketCap.
Pundi X’s blog post suggested that after the hack, Coinrail notified the project on Sunday to an ethereum address which is thought by Coinrail to belong to the hacker. That address is now labeled as “Fake_Phishing1432.”
Data from Etherscan.io reveals that the address attempted to sell around 26 million NPXS tokens on IDEX, a decentralized Ethereum asset exchange, right after it got 2.6 billion NPXS from another address that is also now branded as a distrustful account – “Fake_Phishing1431.”
Coinrail and Pundi X claimed that IDEX held the assets received from the Fake_Phishing1432 address after further exploration and froze the liquidation of NPXS tokens.
In addition, the transactions that were linked with Fake_Phishing1431 indicate that it received a variety of cryptocurrencies from a single address a few hours before the hack was reported by Coinrail, which, aside from ETH, NPSX, ATX, DENT, also involved tokens from other projects including Kyber Network, Storm, Jibrel Network and Tron.
Data from etherscan.io further shows that, after the hack, while the NPXS was sent to IDEX, other stolen tokens seem to have been directed to the EtherDelta cryptocurrency exchange.
Though it remains unclear at this point if the assets had been cashed out or not. Coinrail could not be contacted for an update, and EtherDelta has not yet responded to give a comment.
Coinrail stated on its website that 70 percent of its funds are stored safely as they have been redirected to a cold wallet which is cannot be accessible via the internet.
For the 30 percent that was lost in the hack, the company said two-thirds of them are presently frozen. In the meantime, the final third of those tokens it’s still being investigated by “police, investigators, relevant exchanges and project developers.”
Data from CoinMarketCap ranked the platform on the 90th position around the time of the attack, with 24-hour trading volume that totaled up to $2 million on the site. The exchange’s data is currently not available on the site the system was suspended.