ShapeShift.io staff revealed today that roughly $230,000 worth of digital currency deposits was stolen from the exchange’s hot wallets since the 14th of March, when the the first portion of the theft occurred.
After the initial 315 BTC theft on the 14th, Shapeshift considered migrating to a new data center when another theft occurred on the 7th of April, which removed 97 BTC, 3600 ETH and 1900 LTC, from the exchange’s hot wallets.
Following the second theft, ShapeShift was taken offline and rebooted on new servers within 24h.
According to the timeline of events provided in today’s post, ShapeShift staff established contact with the perpetrator, who then explained how a “rogue” employee sold crucial information necessary for the attack.
“During that rebuild, contact was established with the hacker, who indicated that the rogue employee from the month prior had given the hacker the information needed to carry out the attack.”
When staff relaunched the exchange for the third time, an additional 57 BTC and 2200 ETH was stolen once again from hot wallets.
At this point, Ledger Labs forensics investigator Michael Perklin was brought in to assist with a security audit. The hacker – who called himself “Rovion Vavilov” – provided evidence to ShapeShift staff and explained how the attack was carried out.
“In these sessions, evidence was provided showing how the hacker breached both environments, using information he had purchased from the former employee.“
The release stated that ShapeShift’s trading infrastructure is currently being rebuilt with the help of Mr Perklin and that the exchange will re-launch sometime on the 20th of this month. An extensive security report has been release by Ledger Labs today that provides technical details on the incident.
If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.