Cashaa is a crypto-friendly neo-bank based in London providing banking to businesses. Cashaa is also dealing with Bitcoin OTC operations and working with all major exchanges and HNI in India with local partners.
- Please explain the hack in detail, what made it possible and how did it happen.
A cyberattack occurred on a vulnerable machine of a ‘Cashaa India OTC’ employee, as it was his personal computer. All the funds in that account were wiped off within minutes, while our employee was making a few transactions.
The incident occurred on 10th July 2020, with one of our OTC Account managers, positioned in East Delhi, India. On 8th July 2020, the employee had reported a machine malfunction with the computer provided to him by the company. Hence, he requested to operate from his personal computer to set up multiple alternative online wallets on various platforms like Blockchain.com, Huobi etc. We made an exception and allowed him to do so, keeping ‘customer experience’ in mind for the ongoing OTC deals/transactions. After the mishap, the investigation team has secured the compromised system for further investigation, and the employee has been suspended until the end of the investigation.
Hackers got control of our employee’s computer with active sessions opened in the browser. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used. The stolen Bitcoins were collected at 14RYUUaMW1shoxCav4znEh64xnTtL3a2Ek (Bitcoin Blockchain Address); from there they were distributed into multiple wallets.
- After the board meeting you called, has the firm decided who will bear the losses?
Cashaa board has arrived at some conclusions that have external dependencies. We will make an official release before the end of this month after those dependencies are cleared.
This is a country-specific incident and hence the management of that subsidiary (Cashaa India OTC) will come up with some deliverables including standards of future operations, security and client relations. Despite this blow, we are positive that Cashaa will stand tall, will become stronger than ever.
- What can exchanges do to help you with this issue? Is it recurring?
We had reached out to multiple exchanges to make them aware of the incident to freeze the incoming fund from any linked account of the hacker. All our partners and customers have joined together to give out a strong message to hackers that cashing out hacked Bitcoin is not going to be easy. We have got successful confirmation from almost all the Indian exchanges. International exchanges like Binance, Huobi, Bitfinex, and many more have blacklisted the hacker’s address while actively monitoring relevant transactions.
In the past, exchanges have frozen malicious accounts receiving hacked/fraud/ransom funds, so we have hope for recovery, though it may ask for a little patience. https://www.coindesk.com/binance-upbit-hacker
- It was stated that malware was installed on one of the systems, why hasn’t the firm been able to track how it happened?
We’ve all heard about various hacks and heists that look simple from the outside or at least based on our individual knowledge. We think that it could’ve been avoided by taking simple steps. Yet, every single day we hear about a major breach at the top places, including something as big as the recent ‘Twitter accounts’ fiasco.
That’s the thing about accidents. It happens when there’s no one looking at the obvious!
An employee in India requested to operate from his personal computer and set up multiple alternative online wallets on various platforms like Blockchain.com, Huobi etc. We made an exception and allowed him to do so keeping ‘customer experience’ in mind for the ongoing OTC deals/transactions.
Hackers got control of our employee’s personal computer with active sessions opened in the browser. The hackers used a variety of techniques, including phishing, viruses and other attacks. We are still concluding all possible methods used.
- Is there any realistic possibility of ever tracking these funds down and the perpetrator?
As it is Bitcoin that’s open, public and transparent, anyone can trace the hierarchy of transactions and map the flow of funds. Apart from the digital forensic efforts done by the private cybercrime agency appointed by Cashaa, the local management of ‘Cashaa India OTC’ has filed a cybercrime incident report to the Delhi Cyber Crime Bureau (Case ID#20807200031555) under the ‘cryptocurrency crime’ category. I have full trust in our law enforcement agencies working on the case.
On Thursday, Twitter was hacked for whatever reasons but people from around the world called it a Bitcoin scam just because hackers asked for Bitcoins. The official accounts of Barack Obama, Bill Gates, Jeff Bezos, Elon Musk, along with brands such as Apple, Uber, Coinbase, Binance were amongst the ones affected by the hack.
This clearly shows that everyone working in the crypto industry has to work very hard to bring the level of trust at par with those exhibited in other ‘financial asset classes’. As of today, hackers are very confident to take Bitcoin and move it through exchanges that facilitate laundering through their systems. Exchanges like these must be shut down and owners of these exchanges should be charged with money laundering facilitation crime.
- Could this be an inside job? Is there any evidence that says otherwise?
It does not seem like an insider job. The investigating cybercrime company hasn’t given us a hint in that direction. Besides that, we cannot be sure of anything till the time those ‘hacked bitcoins’ are encashed and the trail ends at an eventual beneficiary.
In India, 80% of current transactions are happening off the exchanges through OTC desks. It’s a fairly new market where HNIs don’t trust the online exchanges with large transactions. It’s for the same reason that the combined volumes of all the exchanges in India are relatively lesser than its offshore counterparts.
The Bitcoin market in India is currently trust-based where HNIs like to meet the person ‘face-to-face’ before making payments. Our Indian OTC desk is serving that need through our trusted Account managers.
- Anything else you want to share with the crypto community?
This is a very unfortunate event and difficult time for Cashaa, but as the company grows and serves different geographies, we have to adapt and should be able to cater to the ever-growing needs of the market.
As the largest crypto-friendly neo-bank in Europe, we are growing exponentially and are on a mission to make banking smoother for the crypto industry. As crypto crimes are on the rise, FATF, FCA, ECB and other regulators want to make sure our industry is equipped with countering infrastructure to deal with them. We started working with AML leaders in the space to create an on-chain AML tool exclusive for Cashaa Business users. We would like to help the crypto business to not only have an exceptional banking service but also equip them to fight money laundering and terrorist activity happening because of the cryptocurrencies.