On June 18th, 2019, Cryptohashtank (CHT) suffered a devastating hack on one of their cryptocurrency wallets. CHT immediately began returning coins from wallets on this compromised wallet, and then returned coins from their unaffected wallet.
CHT requested the assistance of the Energi Bureau of Investigations (EBI) soon after this secondary hack. They provided EBI with full access to their systems. The investigation was very thorough and identified the attacking IP addresses, as well as the method of the breach.
EBI identified vulnerable attack vectors and made recommendations for improvements across all of CHT’s business processes, to enhance their security measures. EBI also tracked the funds as they exited two CryptoBridge main wallet addresses, and flagged them as fraudulent assets:
Energi’s EBI further identified these locked assets on Cryptobridge, among which were accounts collectively holding 3,000 NRG. Even though the CryptoBridge staff were notified of the fraudulent origins of these funds, they were released back into the hacker’s possession, thereby eliminating the best chance that existed to recover these stolen funds.
While Energi offers investigative services for stolen funds, in regards to further assistance such as reimbursement, Energi’s Treasury will not provide insurance or replacement for funds stolen from 3rd party exchanges or service providers.
Energi Core offers their deepest condolences to everyone who was affected by this hack and wishes Cryptohashtank well in their future endeavors. Energi appreciates that Cryptohashtank was helpful throughout the process and provided access and dedicated assistance for these investigations, without which there would be no additional information available to the public.
As a final note, we would like to emphasize that Energi does not endorse, support, nor is Energi affiliated with any staking or Masternode service providers. And we do not recommend the use of any such service, as there is no means for Energi or users of the Staking platforms to evaluate whether proper security measures are in place. In addition to this, whenever Staking is ‘pooled’ (centralized) in 3rd party Staking or Masternode services or cryptocurrency exchange Staking programs, this creates “honeypot” targets that attract the attention of bad actors.