The blockchain data science firm, Elementus, which figured out that the Cryptopia hackers had gotten away with almost eight times the amount reported, has reported again about Cryptopia.
The hackers who originally made away with $16 million worth of crypto tokens have struck again after 2 weeks. Elementus previously noted that many Cryptopia wallets were still vulnerable to attack.
Elementus CEO Max Galka wrote:
“Among the wallets affected are the 1,948 at-risk wallets https://github.com/elementus-io/cryptopia-hack we identified previously, some of which have continued to accrue funds as recently as today. The list also includes over 5,000 wallets that had already been drained in the original hack, but have since been topped up, presumably by unknowing Cryptopia users. […] The funds began moving at 6:59 AM this morning (Monday, 28-Jan)“
Galka reports that the Cryptopia hacker used Ethereum address 0x3b46c790ff408e987928169bd1904b6d71c00305.
At the end of the day, the funds moved to address 0xaa923cd02364bb8a4c3d6f894178d2e12231655c, which had a balance of nearly 30,790 Ether as at the time of reporting. That amount of Ether is currently worth roughly over $3.2 million.
This address is confirmed as having been used in the previous Cryptopia hack. Galka said they initially considered the idea that the exchange was moving funds to secure them but not until it happened again.
He wrote: “Initially, it looked like [Cryptopia securing their funds] could be the case, but by 9:50 PM this evening, it became obvious this was the same hacker. At that time, the incoming transfers stopped and the funds were moved into the address below, one of the wallets used in the prior series of breaches.”