Press "Enter" to skip to content

Cryptocurrency Exchange Cashaa Reports Hack, says ~336 BTC stolen

Update note: The article has been updated after Cashaa released more information about the hack and loss of funds.

Cashaa has become the latest in a long line of cryptocurrency exchanges which has lost Crypto funds to an attack. 336 bitcoins were stolen from an OTC partner of the exchange on Friday afternoon after an “OTC transaction Manager” logged into his system and made two transfers from the company’s wallet.

The UK based Neo-bank that offers financial services for cryptocurrency businesses, also runs a cryptocurrency exchange for retail investors and traders. Users from India could deposit INR into the exchange and then use it to buy cryptocurrencies. Cashaa also has an OTC desk that has partnerships with multiple Cryptocurrency exchanges in India.

Cashaa suspects a malware was installed onto the computer used to make exchange transfers like user withdrawals, which notified the hacker when their partner logged into the account at 1:23 PM on July 10 and made two transfers from the wallet. Cashaa’s OTC Transaction manager was using a Blockchain.com wallet to store and send BTC.

Between 1:23 PM and 1:26 PM, all the funds, around 336 BTC from the wallets were sent to one Bitcoin wallet – 14RYUUaMW1shoxCav4znEh64xnTtL3a2Ek.

Cyber Crime Incident Report

Coin Crunch received a copy and screenshots of Cyber Crime Incident report with acknowledgment number 20807200031555. The report is filed under Cryptocurrency Crime category. Coin Crunch could not independently verify the complaint with any police source.

In order to protect the identity and personal information of the employee, only the first page of the complaint is shared below. In the other images received by us, we noticed the email used to file the complaint belongs to the domain Cashaa.com. We also verified the phone number on the report using third party phone number validation tools, it belonged to the same person whose name is used in the report.

Cyber Crime incident shared by Cashaa to Coin Crunch

Cashaa added, “We are still investigating the damage caused by the incident and might suspend all deposits and withdrawals for 24 hours”.

While not commenting on the hack itself, the CEO of Cashaa blamed increase in hacking incidents on the exchanges that support trading where these hackers can deposit the funds.

“Everyone working in the crypto industry has to work very hard to bring the same level of security which currently an average person has when dealing with a bank account. As of today, hackers are very confident to hack crypto addresses and move it through exchanges that are facilitating such laundering through their systems. Exchanges like these must be shut down and owners of these exchanges should be charged with money laundering facilitation crime.”

Kumar Gaurav, CEO Cashaa

Cashaa’s report on the “Hack”

Coin Crunch broke the news of the hack in order to alert exchanges and individuals, after the CEO of Cashaa Kumar Gaurav shared the statement and copy of the complaint with us. Soon after Cashaa released a public statement on twitter and an article on Tuesday.

Cashaa Wallets are Safe

Cashaa in its statement clarified that the funds on Cashaa Wallets and Cashaa.com are safe and the incident was an isolated case when one of their OTC employee used a personal machine to process user transactions. The CEO Kumar Gaurav in the statement says Cashaa UK is completed unaffected.

“A cyberattack occurred on our system that was able to penetrate a vulnerable machine of a ‘Cashaa India OTC’ Employee. Within microseconds, all the funds in that account were wiped off in this first transaction signed.”

Cashaa

Employee used a personal computer

The employee apparently was unable to use his company computer as the device was malfunctioning hence was given an approval to use a personal computer and online wallets to process transactions. He started using it on July 8, two days before the “hack”.

“We made an exception and allowed him to do so keeping ‘customer experience’ in mind for the ongoing OTC deals/transactions.”

Cashaa

Once the employee made a couple of transactions using the personal computer on July 10, the rest of the funds from the wallet were stolen by hackers within short time.

“Hackers got the control of our employee’s computer with active sessions opened in the browser. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used.”

Cashaa

Support from Exchanges

Almost all exchanges have extended support to Cashaa in monitoring the addresses and report any suspicious transactions. Judging from the transactions from the reported address, it appears a coin Mixture software is being used to move the funds and reduce traceability.

Cover Image by Robinraj Premchand from Pixabay
Disclaimer: CoinCrunch.in content is informational in nature and is not meant to be investment advice. Buying, trading or selling cryptocurrencies should be considered a high-risk investment and every reader is advised to do their due diligence before making any decisions. © 2020 CoinCrunch
Latest Posts