Deribit exchange hacked for 28M $ | Bitcointalksearch.org

JeromeTash

legendary

Activity: 2394

Merit: 1276

Heisenberg

Quote from: stompix on November 02, 2022, 11:06:49 PM

The other thing:

Quote

which are separate from the company's $40 million insurance fund.

So they hold 3 billion worth of coins insured for $40 million? Somebody rushed to release a statement before realizing what they are saying.

For most derivatives exchange I have ever used, Insurance fund is a completely different thing. It doesn't save people's asses if an exchange is hacked. Insurance fund is meant to save the asses of traders who accounts have gone completely bankrupt, where the liquidation engine has to execute a close position order way off the liquidation price in times of extreme market volatility.

Obviously, the exchange won't allow making such losses, so they use the insurance funds to cover such deficits.
https://insights.deribit.com/education/the-deribit-insurance-fund-and-socialised-loss-system/

hugeblack

legendary

Activity: 2772

Merit: 4110

Is this platform famous to bear the amount of 28 million dollars without problems? it's the first time I hear about it.
Is it guaranteed that they paid this amount? I also can't believe it's only 1% of them total crypto coins.

The amounts seem huge, so you might get tough with new users (random lock)

PX-Z

legendary

Activity: 1554

Merit: 880

Wallet transaction notifier @txnNotifierBot

That claim of having only 1% of their holdings got hacked is still bugging me. I checked their 24h volume in CMC^[1]. It's 700m only. Also i checked the data in statista^[2], i don't know how reliable that data is but we are talking about statista and noy other statistics website, wrll, they are not even listed there.

[1] https://coinmarketcap.com/rankings/exchanges/derivatives/
[2] https://www.statista.com/statistics/864738/leading-cryptocurrency-exchanges-traders/

stompix

legendary

Activity: 2912

Merit: 6403

Blackjack.fun

Those numbers, hmmm!

Quote

"We keep 99% of our assets in cold storage and only 1% in hot wallets. The hacker gained access to these hot wallets."

So, they have around 3 billion in coins, which is a thing I kind of doubt since for once it's quite a large sum considering their trading levels, and second, it's not like they operate and are used by the same clients as traditional spot exchanges, normally I would look at derivates having way fewer coins per unit of volume.

The other thing:

Quote

which are separate from the company's $40 million insurance fund.

So they hold 3 billion worth of coins insured for $40 million? Somebody rushed to release a statement before realizing what they are saying.

Anyhow nowadays you don't know what to believe anymore, it might be a real hack, an inside hack, a tax purpose hack, a ready-to-disappear hack, but one thing is sure, a reminder to take care of your coins.

Darker45

legendary

Activity: 2576

Merit: 1860

I have encountered this exchange many times, although I haven't tried opening an account as I don't do futures trading. The last time that I probably mentioned this exchange was when they implemented a mandatory KYC for every single user after the BitMEX fiasco.

Anyway, for as long as the entire financial damage of this hack is to be covered by Deribit's balance sheet itself and no single user would suffer a loss from this incident, I won't suspect that this is an inside job. But they still need to beef up the security of their hot funds. Even if it's true that only 1% of their funds is kept in hot wallets, it is still a significant amount of users' money to be put at risk.

sunsilk

hero member

Activity: 3038

Merit: 634

I've known that exchange and seen them but never have used them.

I'm starting to doubt these hacks these days. Some of the companies on the same service of being an exchange have been out in the business and they're reasoning out that it's due to the hard sustainability of being in a bear market.

Well, some exchange can make it look like that they're not in pain with such hack and they still a lot of it covered by some of their funds elsewhere but it can also be a gate away reason for them to be out.

JeromeTash

legendary

Activity: 2394

Merit: 1276

Heisenberg

Quote from: OmegaStarScream on November 02, 2022, 11:16:03 AM

I don't remember coming across this exchange before, but apparently, their hot wallets have been hacked today and 28 million dollars were lost.

The name rings a bell when it comes to trading derivatives. I remember when Bitmex was still popular, they were one of those small exchanges that tried to aggressively market themselves in order to compete with Bitmex and then came in other players in the field a couple of years later. The likes of Bybit, Phemex etc. and they still remained not so popular.

Quote from: dkbit98 on November 02, 2022, 12:52:34 PM

Deribit is used mostly for futures trading, so either the hackers are so smart and they can do this easily (I really doubt in this), or this was some insider job and intentional work of some people to get rich quick.

Such massive hacks are mostly insider jobs,

dkbit98

legendary

Activity: 2212

Merit: 7064

Quote from: OmegaStarScream on November 02, 2022, 11:16:03 AM

I don't remember coming across this exchange before, but apparently, their hot wallets have been hacked today and 28 million dollars were lost.

It's not surprise to see another exchange getting hacked Roll Eyes

someone should make a very short list of exchanges that never got hacked, but I think this list would get shorter in time until it is gone.
Deribit is used mostly for futures trading, so either the hackers are so smart and they can do this easily (I really doubt in this), or this was some insider job and intentional work of some people to get rich quick.

Interesting statistics to check out for open interest bitcoin options, Deribit has a huge share:
https://www.theblock.co/data/crypto-markets/options/share-of-open-interest-across-bitcoin-options

OmegaStarScream

staff

Activity: 3500

Merit: 6152

I don't remember coming across this exchange before, but apparently, their hot wallets have been hacked today and 28 million dollars were lost.

This is the CCO's statement:

Quote from: https://www.coindesk.com/business/2022/11/02/crypto-exchange-deribit-loses-28m-in-hot-wallet-hack/

"Hackers have gained access to our wallet server, which enabled them to initiate withdrawals from our hot wallet," Strijers said. "We keep 99% of our assets in cold storage and only 1% in hot wallets. The hacker gained access to these hot wallets."
Strijers also revealed that the entirety of the loss will be covered by Deribit's balance sheet assets, which are separate from the company's $40 million insurance fund.

For those who are using the exchange:

Make sure to not send the funds to your previously generated addresses, as they're going to be replaced by new ones.

Quote from: https://twitter.com/DeribitExchange/status/1587830167006810115

Security incident update

Deribit is working towards opening regular on-chain withdrawals later today.

Once this happens all Deribit deposit addresses for BTC, ETH and USDC will have to be re-generated, in the front end you will see your previous address(es) have been removed.

Topic: Deribit exchange hacked for 28M $ (Read 107 times)