The Cryptopia Hack Timeline: as it happened

13 Feb, 2019 | Updated: 07 Mar, 2019
by Ryan Boltman
News
The Cryptopia Hack Timeline: as it happened

New Zealand's top cryptocurrency trading exchange saw a splendid climb to the top over the course of several years. Unfortunately, the latest hack on the exchange has left many questions unanswered and many more users confused. The recent hack saw roughly $16 million worth of crypto stolen from the exchange from under their noses. We document the timeline of activities below.

Want to receive the latest Chepicap news in your Blockfolio app? Help us to get listed by upvoting here! A big thank you from Team Chepi!

14 Jan  - Cryptopia enters maintenance mode

Monday January 14, Cryptopia appears to go offline with an announcement citing: "We are currently experiencing an unscheduled maintenance, we are working to resume services as soon as possible. We will keep you updated."

15 Jan - Maintenance downtime reaches 18 hours

The unusual downtime has many users concerned, the maintenance downtime has had no updates.

15 Jan - Cryptopia releases notice of hack citing “significant losses”

Later that day, Cryptopia announced that a hack on the exchange had taken place, leading to "significant losses" and that the exchange would remain in maintenance mode to "assess damages" A police investigation into the hack is opened and employees are questioned at the Cryptopia headquarters.

Read more: Breaking: New Zealand cryptocurrency exchange Cryptopia hacked

15 Jan - Crypto exchange CEO's comment on hack

Binance CEO CZ commented on the Cryptopia hack, stating users should rather store their tokens on trustworthy exchanges. The ill-timed tweet did not sit well with the community. Kraken CEO Jesse Powell commented on CZ's tweet, telling users to remove their tokens from exchanges, including Kraken. In the meantime, the crypto community expressed their concerns about the lack of information coming from Cryptopia. The first accusations of an 'exit scam' pop up on Twitter and Reddit

Read more: CZ responds to Cryptopia hack with suggestions for keeping your coins safe

16 Jan - Binance begin freezing stolen funds sent to their exchange

Following a tweet from a sleuthing Twitter user regarding the movement of funds to Binance, CZ announced that Binance will be doing what they can to block all stolen funds being sent to Binance.

Read more: Binance freezes stolen Cryptopia funds after Twitter warning

17 Jan - KuCoin announces it will freeze hacked funds

KuCoin CEO Michael Gan also tweets that "KuCoin will freeze any funds from Cryptopia"

21 Jan - Elementus announce summary of the hack, citing Cryptopia lost access to their wallets, potential for more funds to be stolen

Elementus releases its report on the state of the Cryptopia hack, stating that the hack totalled $16m with $800k already sold. Elementus also conclude that "One possible explanation is that Cryptopia had their private keys stored in a single server with no redundancy. If the thieves managed to gain access to this server, they could have downloaded the private keys before wiping them from the server, leaving Cryptopia unable to access their own wallets."

Read more: New analysis on Cryptopia hack reveals dire facts, not only the total amount

22 Jan - NZ police announce “Good progress is being made”

The police investigation is now over one week old, and a new update from the New Zealand Police announces "Good progress is being made and positive lines of enquiry are being developed to identify the source of the transfer."

Read more: New Zealand police making progress in Cryptopia hack investigation

25 Jan - NZ police announce that Cryptopia may resume business in February 2019

In a letter sent to users, NZ Police state that the case is, and will remain a protracted and complex investigation. The announcement also states that Cryptopia may resume business in February 2019.  

Read more: New Zealand police state Cryptopia may reopen in early February

28 Jan - Hack continues with $180,000 in crypto stolen

The hackers continue to drain Cryptopia wallets, with a further $180,000 drained from users wallets, adding more credibility that Cryptopia may have lost access to their private keys for all their wallets.

Read more: Cryptopia compromised by another attack, $180,000 worth of ETH stolen


5 Feb - "NZ Police has no clue what's going one"
On February 5, security expert Alex Sims stated that the New Zealand police is struggling to deal with the Cryptopia hack. According to Sims, the local police may not be well equipped to handle such a hack. "No one seems to have a clue what's going on. But this hasn't come out of the blue. There has been a lot of dialogue in recent years about the security of cryptocurrency and where to store the digital wallets." 

7 Feb - Investigation "is progressing well"

A recent statement released by the New Zealand police has confirmed that the investigation "is progressing well and advancing on several fronts". While it's not yet clear if or when Cryptopia will be able to reopen, the police have stated that they expect their investigation to conclude at the Cryptopia headquarters on February 15. Additionally, police are "actively tracking" the stolen funds on the blockchain, so with a bit of luck the identity of the thief may soon be known.

13 Feb - New Zealand police announce Cryptopia can "open again whenever they like."

The NZ Police begin to conclude their investigation with detective inspector Greg Murton stating "We have finished the main part of the work required by the High Tech Crime Group at Cryptopia's business premises, although HTCG staff remain there finishing up aspects of their work". However no news or signs of Cryptopia opening up for business appear to be in the pipelines. The exchange still remains silent regarding communication.

27 Feb - Update: Max of 9.4% of holdings stolen

The exchange is still assessing the damage made by the hackers in January, and states that 'we have calculated that worst case 9.4% of our total holdings was stolen.' To ensure that everything is fully secure when trading resumes, they are individually securing each wallet on the exchange.

28 Feb - Traders will find out on Monday if their funds are still intact

Cryptopia exchange, announced today that a 'read-only' version of the platform will go live on Monday 4th of March, meaning that traders affected by the $16 million hack, can see just how affected they are. The firm further announced the return of founders, Adam Clark, and Rob Dawson, who will take the lead in setting a strategic direction for the exchange.

Read more: Cryptopia traders will find out on Monday if their funds are still intact

1 March - Cryptopia has moved 24% of their wallets to secure servers

The hacked New Zealand exchange states that the company is 24% done with migrating their wallets to new secure servers. The announcement comes after a week of updates from the company following radio silence over the past month during the course of the investigation.

4 March - Plans to open exchange are delayed until tomorrow

Cryptopia announced that they will be re-opening their exchange on Tuesday 5 March, and not Monday 4 March, due to unexpected delays. In a recent tweet from the company, Cryptopia said "Update: We were aiming to get the site live today however, we have had a slight delay and are aiming to have the site live tomorrow. We will keep you updated as this progresses."

5 March - Cryptopia finally reopens in 'read only' mode

Cryptopia has announced that is has finally reopened the exchange. However users will not be able to trade or do anything, other than see their balances on the exchange. Users currently cannot, trade, deposit, or withdraw funds.

6 March - Cryptopia is on its way to a full recovery

Following the opening of the platform again in a read-only mode just recently, the exchange said that they will be introducing cancel-only mode for their users in the next few days. The announcement wrote that users are allowed to cancel any positions accordingly on this mode, although there’s no detail on how many days will “the next few days” be.

Read more: Cryptopia will introduce cancel-only mode to users, before resuming trading


This timeline will be updated when new events occur. 

Read more: Expert on Cryptopia hack: "No one seems to have a clue what's going on"

Follow Chepicap now on Twitter, YouTubeTelegram and Facebook!

Read more about:HackCryptopia

Poll

Do you have funds on Cryptopia?

(370 votes)

Add a comment

I think it's cryptopia itself that leads the attack! how it is possible to violate all those portfolios with two-factor authentication plus all emails to withdraw coins!
05 Feb, 2019 - 19:13
Yeah, exit scam IMHO :(
07 Feb, 2019 - 20:54
You don't get it. The hacker do not need all of the email, passwords or two factor authentication, those are subsystem to make the website work. All he/she needed was the private keys to the Cryptopia wallets. You know when you need to have a unique payment address on top of your address.. that is because Cryptopia have a single wallet, and the unique ID simply differentiate the users owning amount. In this case, one single key file, can have taken ALL of the coin for that currency. These key are files stored somewhere on a server, usually is not even online, usually is super secure, usually it has redundancies. Apparently the hacker took/copied those file and deleted them from the server. Cryptopia management may [or may not] have access to their wallets anymore [we do not know yet] in which case no one can access ANY of the coin but the hacker/s even if they reopen the website, simply because the wallet key is not there on the server anymore. Finger crossed they managed not to loose those key / were able to restore them if they were deleted. I believe that is what the police may have been doing.
15 Feb, 2019 - 20:28
Thanks for the clarification, Paolo. I just do not like the silence from their side, this makes me suspicious.
18 Feb, 2019 - 13:22
clear!! then it makes no sense to write that over thousands of wallets have been violated.
They only violated a wallet in which there were all the funds on the site.
If so, it seems very stupid for the site administrators ..
Possible that a website that exchanges millions of dollars has only one wallet and the private key is inserted in the usual site!
It seems really naive as a thing.
19 Feb, 2019 - 18:56
There are so many cases of cyber theft online these days. If you ever need to deal with cryptocurrency scams or theft, or recover your email/wallet passwords, social network anti-hack (Facebook, Twitter, Instagram, snapchat), BlackRock is the go-to cybersecurity group. Visit them on blackrockconsultpro com and use the contact form or hire any available expert. You can also consider getting their custom built antihack cryptocurrency wallet to avoid common cases of online theft. Thank me later.
05 Mar, 2019 - 17:32
Hello everyone, I am not use to this but i can't keep calm because the result was overwhelming. I got some inbox on my email and i mistakenly click on them and i got all of my bitcoins stolen, I lost 9.657 btc within 2hours to the rippers. I was so confused and dumbfounded because i didn't know how it happened and can't even explain. I need to recover my btc but i don't know how to go about it. My love for cryptos and the technology behind them is huge so I started looking for help and i got to about four forums where i saw everyone comment of the prof. Sydney. By reading the comments i get to know he's specialize in mining btc, crypto consultancy and also retrieve lost/stolen btc. I lost a lot of money because that's all of my btc which i purchase at $6,775. I was devastated and seeking options so i contacted the prof straight away....I explained how i lost my btc and he promised to me recover my btc in less than 1 week. I gave him all the necessary details and after paying the exploits. Did you believe the prof stick to his words and help me recover my 9.657 btc to my wallet in 6 days. YES the result was overwhelming and i can't keep calm. His fee was very affordable and i can't believe how it happened. He then add more security to my wallet and assure me of not getting hacked again. I can't stop thanking him and am willing to join his mining team so as to get more bitcoins. Did i forgot to drop his email? You can reach him anytime here (Profsydneycryptoconsultancy@gmail.com)
25 Mar, 2019 - 12:08
Seriously people like you who pray on other hurt people. This guys does not retrieve your stolen BTC. Now I am tracking you down to find you, I dont like liars, and a abusers.
26 Mar, 2019 - 14:32
No you are not right ben! I contact the prof and he help me as well. He help me mine 1.5 btc in 4 days. He is very kind and a rare gem. I can't stop thanking him
13 Apr, 2019 - 14:32

I met him barely two weeks ago...During the dark episodes of monumental loss of thousands of dollars to scammers. My pain was deep. He raised my hope that...I will recover all in manifolds...He confidently made me believe....base on his track record of success in cryptocurrency mining....He stands out morally. He is a man of his word with compassion ready to help...Prof Sydney.....A good man he is. God almighty...make him live longer with sound health. (Profsydneycryptoconsultancy@gmail.com or (443) 338-3730).
13 Apr, 2019 - 14:35

Check out the latest news

You will be logged out and redirected to the homepage