Bitsonic OTP Hacked (updated)

Brian Newar 2019-09-23

Breaking news from Seoul now is word that Bitsonic has been hacked. Community members started reporting individual hacks this morning from South Korea.

유니오출금.PNG — A Bitsonic hack victim’s unauthorized transaction receipt for the withdrawal of UUINO.

It appears that the OTP section of Bitsonic has been affected by the hack. Users of Bitsonic were sent notifications of unauthorized purchases and withdrawals of UUINO from their OTP accounts. After these notifications, Bitsonic’s OTP was deactivated, as it is still now.

Bitsonic customer service notified customers of the hack shortly after it occurred.

This is a very fresh story and will have updates through the day.

캡처.PNG — A Bitsonic hack victims email records indicating unauthorized transactions, and subsequent notifications from Bitsonic about the hack.

Updated 6:44pm in Seoul:
Bitsonic’s official Telegram account made two announcements this afternoon and this evening in regard to the apparent hack on their system. They fully deny any successful outside attack on their system.

Furthermore, the exchange announced that they ran thorough emergency checks on their system and found no errors that could have led to a hack.

The longer, more recent announcement from Bitsonic’s Telegram account states that the issue was most likely from a phishing attack, where the user’s or users’ personal information and login values were compromised and used to retrieve their funds off of the exchange. This does not explain why they withdrew UUINO specifically and not another, far more higher-volume coin for liquidation elsewhere.

The exchange vowed to conduct regular ‘customer alarms’ to notify users of stale passwords and general account status.