Coinrail

2018-06-10

Coinrail detects a security breach affecting its hot wallets over the weekend. Approximately 30 percent of the exchange's token reserves — over $40 million at then-current prices — are stolen, including NPXS, ATX, DENT, ETH, and TRX. The exchange suspends all services.

2018-06-10

Coinrail publicly announces the breach on its website. The exchange states that 70 percent of reserves are safe in cold storage and that two-thirds of stolen tokens have been frozen in coordination with partner exchanges and token projects.

2018-06-11

Bitcoin falls approximately 7 to 11 percent and the broader crypto market loses over $40 billion in market capitalization in the wake of the Coinrail news. Ethereum, Ripple, and Bitcoin Cash each drop by 5 percent or more.

2018-06-11

South Korean police formally launch an investigation, securing access logs from Coinrail's servers. The Korea Internet and Security Agency (KISA) begins a parallel technical review.

2018-06-25

The attacker attempts to liquidate stolen NPXS tokens on IDEX, a decentralized exchange. Pundi X requests and obtains an urgent suspension of NPXS trading on IDEX to prevent the sale.

2018-06-27

Pundi X publishes a detailed update disclosing that it suspended the NPXS smart contract for 10 days at the request of Korean police, blocked monthly distributions to the hacker's wallet, and cooperated with the ongoing official investigation. Pundi X declines to issue replacement tokens, stating that Coinrail bears legal responsibility for the breach.

2018-07

Korean authorities and KISA complete their preliminary technical analysis of the breach. No arrests or public attribution of the attacker are announced. The exchange does not reopen for standard trading operations.