Reports say that the scammers actually contacted individual Bithumb users and used voice phishing to gain access to their funds. Although there is no official tally, South Korean users are independently reporting massive losses on online forums. Bithumb has already posted that it plans to partially compensate users, promising to give up to 100,000 won per person.
This is the second Ethereum-related hack to happen recently. We previously posted about Classic Ether Wallet, a service for Classic Ethereum (ETC) users, which was also compromised within the same week, through social engineering.
Best practices: Protecting online and cryptocurrency accounts
With the rising number of cryptocurrency hacking incidents, users should be proactive about protecting their funds as well as any online accounts. Enterprises should also be wary about data storage, and implement proper security policies for employee devices:
Try to be familiar with social engineering tactics. For offline scams done though calls, always compare the communication received with typical behavior, past experiences and industry standards before giving away valuable information or access.
Be wary of trusting cryptocurrency with a third-party. Using cold storage is advisable—it is basically storing cryptocurrency offline in encrypted media, hard drive or USB drive, hardware wallet, paper wallet, or other such devices.
And any enterprise should try to secure third party services holding critical parts of their business. Consult with security experts to install countermeasures and monitoring processes so you can prevent or mitigate advanced threats.