BTC-Alpha, a crypto exchange created by Ukrainians, with a trading volume of $223M, attacked by hackers

The BTC-Alpha cryptocurrency exchange, founded by the Ukrainian Vitalii Bodnar, was attacked by hackers. Vitalii said about it on Facebook and YouTube. He noticed that fraudsters did compromise user data, but they didn’t steal their money. At the moment, BTC-Alpha is currently unavailable until all details of the attack are figured out.

About BTC-Alpha

The BTC-Alpha cryptocurrency exchange was founded in Ukraine in 2015 and recently belonged to the Coinmarketcap TOP 100 Exchanges (now it is much lower because of understandable circumstances). Its founder and leadership are Ukrainians. However, the company initially was oriented toward Europe and Asia because, when the exchange was founded, the cryptocurrencies were not well developed in Ukraine.

According to BTC-Alpha’s founder Vitalii Bodnar, today, the company negotiates with the Ministry of the Digital Transformation of Ukraine to register in Ukraine as soon as the cryptocurrency law comes in force.

Currently, BTC-Alpha has 365,000 users, but there are not many users from Ukraine among them. According to Coinmarketcap, the current daily trading volume on BTC-Alpha is $223 million.

How the hack became possible

BTC-Alpha was hacked on November 1, 2021 — just on the 5th anniversary of the company. According to Vitalii, the attack has been well planned over a half-year ago. He also noticed that the attack was performed not through the exchange code (a technical bug) but because of human failure.

“They were gunning for our both Ukrainian and foreign employees. As they managed to hack public persons of our company, they sent viruses through their computers directly to our employees, and one of them let this virus in,” explained Vitalii.

“They were gunning for us long and seriously. A pre-analysis confirmed that enormous resources were spent on this attack to ‘congratulate’ us on our birthday in this way.”

“The analysts of BTC-Alpha estimated the cost of this attack about a few hundreds of thousands of dollars. Due to the fast reaction of the team, the attack consequences were minimized: no user funds were stolen, but their user credentials were compromised. “The passwords are hashed, and we don’t store them in an open format,” Bodnar said.

After the attack, the hackers demanded a ransom of 100 BTC for stolen data, but BTC-Alpha refused to negotiate.

Bodnar also admitted that, although BTC-Alpha did not lose any user coin, the attack hardly damaged their reputation. There are still a bunch of unsolved issues that currently do not allow the company to make a full assessment of the damage.

What should users do

The exchange is currently not working; the users can’t access their accounts. It can cause some impatience. But Bodnar assures that all assets are intact. At the moment, all funds have been transferred to the cold wallets to secure them. The access to the users will be re-granted as soon as BTC-Alpha will be online again.

After the work of the exchange is back up and running meaning, Bodnar promises to conduct an independent financial audit, which will confirm that the users’ balances coincide with the actual ones in the accounts of the company.

According to Vitalii, the analytical department is continuing to investigate the situation and the security of the platform. Soon it will be known when BTC-Alpha will be able to restore work.