Bitcoin Exchange Cryptoine Hacked Due To Trading Engine Bug

March 24, 2015

The stressful times for Bitcoin exchanges around the world will not come to an end anytime soon, as we learned earlier today that the Cryptoine platform has been hacked. Not too many details have been made available at this point in time, but we will recap the information we managed to obtain so far.

Cryptoine – Brief History

The Cryptoine exchange lets users trade Bitcoin against various other digital currencies, and does not handle any fiat currency transactions. Similar to most cryptocurrency exchanges, the trading of coins intermittently is a solid business model which does not [yet?] require the owner(s) to obtain a specific money transmitting license.

Cryptoine was originally announced to the public in July of 2014, and came forth from a group of digital currency enthusiasts who were not satisfied with the cryptocurrency exchanges at that given time. All of them felt confident they could do a far better job, so they decided to create their “next generation platform”.

One of the key areas of running a successful [digital currency] exchange is offering top notch security. The Cryptoine team focused on that area from the beginning, by running a passive wallet, which was not accessible through the trading engine. Furthermore, the website’s front end could not connect to the wallet either, nor was there information to be found regarding the Bitcoin wallets’ private keys.

Most people who use a digital currency exchange are rather hesitant to create a user account there. As we all know by now, user accounts are a perfect target for hackers and hoodlums. Cryptoine acknowledged that desire and ran their exchange service without collecting any personal data from its users, nor asking them to verify their account at any time.

To offer even more layers of security, the Cryptoine team created daily balance reports for all of their users, all of which are verified by humans. By strictly calculating the user balances at the end of every day, the team could keep an eye on how things were going, and quickly detect any malicious attempts of cheating the system in any way.

Trading Engine Bug Cause of the Attackshutterstock_230705509

Despite all of these – and other – security precautions, you still run the risk of discovering a bug once the damage has been done. Unfortunately for the Cryptoine team, this is exactly what happened overnight. According to the message posted on the website’s main page, a hacker managed to exploit a race condition bug in the trading engine.

Because of this race condition exploit, the hacker [apparently, it was one individual as far as we know] managed to manipulate several of the exchange’s orders and create a fake balance for himself/herself. It remains unclear whether or not this hacker managed to withdraw any of the funds, as the Cryptoine team has not revealed those details yet.

If you liked this article follow us on twitter @btc_feed and subscribe to our newsletter.

Source : https://cryptoine.com/

About The Author

Jdebunt

JP Buntinx is a FinTech and Bitcoin enthusiast living in Belgium. His passion for finance and technology made him one of the world's leading freelance Bitcoin writers, and he aims to achieve the same level of respect in the FinTech sector.