Analyst: Third Round of Cryptopia Wallets Emptied (UPDATED)

Sead Fadilpašić
Last updated: | 2 min read

A third wave of crypto wallets tied to cryptocurrency exchange Cryptopia were emptied to the tune of around USD 30,000 – USD 40,000 worth of ether, co-founder and CEO of blockchain analysis protocol and platform Elementus, Max Galka, told Cryptonews.com. (A new paragraph – in red.)

Source: iStock/Lightguard

This makes it a smaller-scale theft than the previous two rounds, but raises the question – why are people still depositing their cryptocurrencies into Cryptopia-owned wallets?

Contrary to many warnings issued by both Cryptopia and Elementus, as well as the media coverage surrounding this story, users seem to continue depositing their assets into the wallets that were still at risk, making them easy pickings for the hackers.

“People keep depositing,” Galka said. “As long as that happens, these guys will continue taking the money. Any wallet that previously belonged to Cryptopia – we assume it is under the hackers’ control.”

Meanwhile, Cryptopia just released another update saying that they have “transitioned 24% of all wallets to our new secure servers. Once the read only site is online, we will be keeping users up to date on which wallets have been checked and secured via the coin info page.”

As for the amount that was stolen, Elementus previously tweeted that around USD 3.2 million worth of tokens were liquidated before this incident, most of that on cryptocurrency exchange Etherdelta. “Now that number is around USD 4 million,” Galka said.

Meanwile, ether address, involved in Cryptopia’s hack has almost ETH 30,790, or USD 4.22 million on its balance.

Following the first hack in January, the total estimated value of ether and ERC20 tokens stolen was around USD 16 million (again, the number does not include bitcoin.) Only two weeks later, an additional 7,000 Cryptopia wallets were drained of 1,675 ETH (around USD 180,000 at the time of the theft), Elementus learned. Back then, the blockchain analysis company concluded, “Consistent with our earlier hypothesis, Cryptopia no longer has the private keys to their Ethereum wallets and the hacker does.”

Meanwhile, the exchange announced this Thursday that they aim to reopen their site “as read-only” by Monday. A day ago, the company said that “worst case 9.4% of our total holdings was stolen” and they are “securing each wallet individually to ensure the exchange is fully secure when we resume trading.” Also, Cryptopia asked their clients to refrain from depositing funds into old Cryptopia addresses “as a result of the new wallets.”

As many experts have stressed, crypto users should keep their private keys to their coins offline, e.g. in hardware wallets such as Ledger, Trezor, KeepKey and others.