The South Korea-based Coinrail exchange was hacked, which resulted in a loss of approximately $40 million, reported Coindesk on June 11.
The trading platform has suspended its services after it suffered from a “cyber intrusion,” resulting in a range of ERC-20 based tokens stolen from the exchange.
Coinrail only announced some of the tokens that were stolen through the breach, which includes the NPXS token from the Pundi X project, ATC from Aston and the NPER project’s NPER token, without revealing the exact amounts at stake.
According to a blog post written by Pundi X, it is suggested that the hacker may have stolen 1,927 ether, 2.6 billion NPXS, 93 million ATX and 831 million DENT coins, and other considerable amounts from 6 other tokens.
Coinrail believes that the ethereum address “Fake_Phishing1432” is linked with the hacker.
The same address tried to sell some 26 million NPXS tokens at IDEX, a decentralized ethereum asset exchange, immediately after receiving 2.6 billion NPXS from another suspicious address “Fake_Phishing1431.”
IDEX froze the assets sent from the Fake_Phishing1432 address and the NPXS tokens were not sold, according to Coinrail and IDEX.
Hours before the hack, Fake Phising1431 received many cryptocurrencies from a single address, including ETH, NPSX, ATX, DENT tokens but also obtained tokens from other projects such as Kyber Network, Storm, Jibrel Network and Tron.
Coinrail wrote on its website that it has moved 70% of its reserve to a cold wallet that is not accessible through the internet making the most part of their asset safe.
For the other 30% that was stolen, the exchange stated that two third of it is currently frozen and that the other part that was lost is currently being investigated with “police, investigators, relevant exchanges and project developers.”