$8 516 000 USD

JULY 2014

UNITED STATES

CRYPTSY

DESCRIPTION OF EVENTS

"Cryptsy was a US based crypto exchange and one of the most popular at that with a clear and easy to used interface specifically for trading crypto to crypto - for example dogecoin for litecoin. In this respect, Cryptsy was one of the leading crypto exchanges out there."

 

"Cryptsy was created as a hobby, because I was running around 25 different altcoin pools, from litecoin to Mintcoin to Feathercoin and many other coins; I just can’t name them all; I had too many different pools and there wasn’t a place where you can go and exchange all of them."

 

"2-3 weeks later, I hammered out most of the bugs that I found and started to get more and more sign-ups and these were people who were coming from elsewhere i.e. they weren’t coming from my pools and that was around May 2013, when I officially launched the site. I ran that for a while, just as a hobby for a few months and it started picking up more and more users, approximately 200-300 new users a day, and I wasn’t doing any kind of advertising and I still don’t do any kind of advertising."

 

"[A]round August 2013 is when I started considering that may be I should make Cryptsy my full time job, I opened up a small office here in Florida, hired my first employee, who was my accountant, because of all the trading activity that started going on, I knew I needed somebody to keep track of all these numbers, so that was the first hire and then by October, I had left my job and started working for Cryptsy full time and by the end of that year, I probably had 4-5 employers working and I don’t know if you remember, but by November 2013, there was a huge explosion in trading, across all exchanges, not only on Cryptsy, but all, so that was a crazy month."

 

"I am not going to tell you all details [about our security] because this is classified info, but we have a lot of different layers. We use Incapsula, our DDoS protection provider, which is our first security layer and then, we have frontend web servers, which is our second security layer, and all of those have firewalls and all of our online databases are backened, so the rest of the services , servers and other stuff aren’t accessible from the public internet, which is a key strategy when trying to boost security as the best way to be secure is not to plug in to the internet. Our wallets have several security layers and they are really hard to get into even for me, so wallets’ security is a priority especially when you have a couple of hundred altcoins on the platform."

 

"The Company started offering fiat to Bitcoin and other altcoin pairs in 2014. The process of depositing and withdrawing fiat currency can take time as they use a variety of providers such as Interac and EgoPay, where other exchanges offer more simplistic methods to get any fiat currency into bitcoin. Initially, you could pay by cheque to the Company so the electronic transfer was a welcome change."

 

"The exchange had a rebate program as well as a tiered fee structure that changes with respect to your 14-day average volume. With the maximum discount in place, your trading fees were as low as 0.1% or as high as 0.33%. Internal transfers to other users were free of charge but withdrawals came with a standard industry surcharge."

 

"We have 322,000 users at the moment; of those 50,000-200,000 are active but it depends on how you classify someone is an “active trader”."

 

"Lucky7Coin (LK7) [was] a PoW/PoS coin in the family of PPCoin/Novacoin with latest available algorithms that fixed various problems in the recent PoW/PoS coins. As compared to the PoW only coins, the proof of stake coins are more resilient to 51% attack. Also it is a long term energy-efficient cryptocurrency." "[O]n 5/22/2014, [the Cryptsy platform] received [a] message from the new developer who wanted to maintain the codebase."

 

"Lucky7Coin is not maintained and I would like to take care of it. I have announced that on bitcointalk.org in Lucky7Coin thread. You’re the only exchange for this coin and I hope you will let me take care of it. I’m responsible. You don’t have to be afraid of errors or forks. I’m developing multipool and I know bitcoin internals and protocol."

 

"Branch “master” will always be for stable version, branch “devel” could be dirty. In a 2-3 weeks I’ll release new version with p2pool support and checkpoints. Before that I’ll contact you to check few blocks hashes for checkpoints and make sure there is no fork."

 

"[W]e were alerted in the early AM of a reduction in our safe/cold wallet balances of Bitcoin and Litecoin, as well as a couple other smaller cryptocurrencies." "2014-07-29 13:17:36 is when the event occurred." "After a period of time of investigation it was found that the developer of Lucky7Coin had placed an IRC backdoor into the code of wallet, which allowed it to act as a sort of a Trojan, or command and control unit. This Trojan had likely been there for months before it was able to collect enough information to perform the attack."

 

"Some may ask why we didn’t report this to the authorities when this occurred, and the answer is that we just didn’t know what happened, didn’t want to cause panic, and were unsure who exactly we should be contacting. At one time we had a open communication with Secret Service Agent Shaun Bridges on an unrelated matter, but I think we all know what happened with him – so he was no longer somebody we could report this to. Recently I attempted to contact the Miami FBI office to report this, but they instead directed me to report it on the I3C website. I’ve not heard anything from them."

 

"This of course was a critical event for Cryptsy, however at the time the website was earning more than it was spending and we still have some reserves of those cryptocurrencies on hand. The decision was made to pull from our profits to fill these wallets back up over time, thus attempting to avert complete closure of the website at that time. This worked fine for awhile, as profits decreased due to low volume and low Bitcoin prices, we would adjust our spending accordingly. It wasn’t until an article from Coinfire came out that contained many false accusations that things began to crumble. The article basically caused a bank-run, and since we only had so much in reserves for those currencies problems began."

 

"Cryptsy Announcement: http://blog.cryptsy.com/ ALL trading and deposits are OFF. More wallets opened for withdrawal 1/27/2016"

 

"In any case, it is our intent to get every user their funds. Depending on what option or combination of options we end up doing, this may take some time."

 

"Trades and withdrawals will be suspended on the site indefinately until some sort of resolution can be made. Here are our options: (1) We shut down the website and file bankruptcy, letting users file claims via the bankruptcy process and letting the court make the disbursements. (2) Somebody else comes in to purchase and run Cryptsy while also making good on requested withdrawals. (3) If somehow we are able to re-aquire the stolen funds, then we allow all withdrawal requests to process. I’m obviously open to any other ideas people may have on this. If you have information, you can email."

 

"Following an attack on the crypto exchange, Cryptsy filed for insolvency in January 2016. Per the exchange, it lost around 13,000 Bitcoin and 300,000 Litecoin to the hackers, out of which approximately 10,000 Bitcoins belonged to its clients." "The site, which previously said that it would suspend trading and withdrawals indefinitely, has been taken offline as of press time."

Cryptsy was once one of the leading platforms in the United States, allowing users to trade over 200 different cryptocurrencies. It was reportedly started as a hobby project in 2013, before growing rapidly.

 

One of the tokens listed on the Cryptsy platform was called Lucky7Coin, which was unique in that it's mining algorithm was based on finding 7s instead of 0s like bitcoin or other coins. This project was eventually abandoned by it's initial developer and a new developer took it over.

 

This developer mailed the Cryptsy team to notify them that he was taking over and provided them with a new IRC channel for the wallet. The IRC channel was used to provide information, and it appears that the wallet relied on this information to potentially execute additional instructions, creating a remote command and control malware.

 

It is believed that the developer used this backdoor to exploit the funds on the Cryptsy exchange, which were largely stored "hot", in a device with an internet connection running the backdoor. 13,000 bitcoin and 300,000 litecoin were reportedly taken from the platform, though the blockchain reports slightly less (11325.0965 BTC and 247,507.99 LTC). This hack placed the Cryptsy exchange into a position of extreme insolvency and was not shared with the public to avoid ensuing panic. The Cryptsy platform continued to operate for another year and a half before failing to handle withdrawals and collapsing.

 

The coins were split into separate wallets with a balance of 1,000 bitcoin each, and stayed idle all the way until 2022. It appears that on March 29th, 2022, the balances on the theft accounts were split up further into even smaller wallets. There are no reports of any funds having been recovered from the hacker.

HOW COULD THIS HAVE BEEN PREVENTED?

The primary failure was that funds were stored online and no multi-signature setup was employed. The keys for the wallets should have been stored fully offline and certainly not on an internet-connected device.

 

Wallet software was installed from an untrusted and anonymous source and not carefully vetted by anyone.

 

The attack was not disclosed and no resources were available to assist victims of the platform whose funds were taken. This soon resulted in the downfall of the Cryptsy platform.

 

Check Our Framework For Safe Secure Exchange Platforms

Infographic: An Overview of Compromised Bitcoin Exchange Events (Jan 29)
100 Crypto Thefts: A Timeline of Hacks, Glitches, Exit Scams, and other Lost Cryptocurrency Incidents (Jan 24)
Bitcoin Scams and Cryptocurrency Hacks List - BitcoinExchangeGuide.com (Mar 4)
Cryptsy CEO Indicted for Defrauding Crypto Investors, Destroying Evidence – Regulation Bitcoin News (May 7)
Coinbase Settles Cryptsy Victims' Lawsuit for $1 Million (Jul 8)
https://www.cryptsysettlement.com/ (Jul 8)
Cryptsy - Trade Home (Jul 8)
Cryptsy - Trade Home (Jul 8)
https://coinmarketcap.com/exchanges/cryptsy/ (Jul 8)
Cryptsy Blog (Jul 8)
[ANN][LK7] Lucky7Coin - PoW/PoS, BonusBlock based on your lucky 7s! |No Premine  (Jul 8)
[ANN][LK7] Lucky7Coin - PoW/PoS, BonusBlock based on your lucky 7s! |No Premine  (Jul 8)
GitHub - alerj78/lucky7coin (Jul 8)
0c07e0bec1002bd2 [WalletExplorer.com] (Jul 8)
b16b6dbcdba373b3 [WalletExplorer.com] (Jul 8)
c7b46a79fd8887038bd3a8e884b04820038415a60e0b9d2c2f5bcff68a2687bf [WalletExplorer.com] (Jul 8)
Cryptsy's CEO - A Hard Man In The Face of Coinfire's Aggro!!! (Jul 8)
https://web.archive.org/web/20160317160556/http://ltc.blockr.io/tx/info/61e61a63f35c951a16870df9e0a34df462ee473fde819d134da9485d2e7d8f44 (Jul 8)
Litecoin / Transaction / 61e61a63f35c951a16870df9e0a34df462ee473fde819d134da9485d2e7d8f44 — Blockchair (Jul 8)
Bitcoin price today, BTC live marketcap, chart, and info | CoinMarketCap (May 15)
https://coinmarketcap.com/currencies/litecoin/historical-data/ (Mar 1)

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.