Nearly 438 bitcoins worth over Rs 20 crore were stolen from a top exchange firm in India in what is being billed as the biggest cryptocurrency theft in the country so far.
Coinsecure, the Delhi-based cryptocurrency exchange, has filed an FIR with the cyber cell accusing its CSO, Amitabh Saxena, of siphoning off the money from the firm’s wallet, ET’s Nilesh Christopher reported. The exchange has urged the government to seize Saxena’s passport, fearing that he may leave the country.
A case has been registered under IPC sections and Section 66 of the IT Act.
What exactly happened?
The exchange, which has over two lakh users across the country, found that all the bitcoins that were stored offline had vanished. It was later found that the private keys — the password that is kept by the company and is stored offline — were leaked online, leading to the hack.
The company tried to trace the hackers, but found that all the data logs of the affected wallets had been erased, leaving no trail of where the bitcoins were transferred. The company's website has remained shut since then.
On Thursday night, the company confirmed the hack to its users through a message posted on the website.
“We regret to inform you that our bitcoin funds have been exposed and seem to have been siphoned out to an address that is outside our control. Our system itself has never been compromised or hacked, and the current issue points towards losses caused during an exercise to extract bitcoins to distribute to our customers,” the company stated.
The company’s founder and CEO Mohit Kalra told TOI that he suspects an insider’s hand in this.
“Private keys should have never been exported online. It looks like a crime committed intentionally. We have shared our suspicions with the Cyber Cell, and contacted specialists to find out the source of the hack and trace the bitcoins,” Kalra said, adding that even if funds are not recovered, his company is willing to pay from its own pocket to compensate its customers.
Police said that the company’s servers have been seized to ascertain the extent of the system breach. It is also being checked if more wallets have been compromised. The senior security officials of the company have also been called in for questioning.
Cyber security experts said that the private keys – the password that is kept by the company – are never connected to an online system. But police found that not only were the private keys online, they were kept like that for more than 12 hours. Police are also checking if a malware infection led to the hack.