{"id":52275,"date":"2021-11-03T16:03:53","date_gmt":"2021-11-03T14:03:53","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=52275"},"modified":"2025-09-03T09:27:33","modified_gmt":"2025-09-03T06:27:33","slug":"btc-alpha-exchange-attacked-by-hackers-user-funds-secure","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/btc-alpha-exchange-attacked-by-hackers-user-funds-secure\/","title":{"rendered":"BTC-Alpha exchange attacked by hackers; user funds secure"},"content":{"rendered":"<p>A British exchange with Ukrainian roots, BTC-Alpha, was subjected to a hacking attack. Passwords stored in encrypted form were compromised, but funds were not touched. This was <a href=\"https:\/\/www.youtube.com\/watch?v=akWvgUnvTZg\">stated<\/a> the exchange&#8217;s CEO Vitaliy Bodnar.<\/p>\n<p>According to him, the hackers found &#8216;some breach&#8217; in the system and carried out a DDoS attack.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;User balances are fully secure; we did not lose a single cent, but the hashes of users&#8217; passwords were compromised. For this reason, access to accounts is temporarily restricted,&#8221; Bodnar said.<\/p>\n<\/blockquote>\n<p>He added that the hackers promised to leak the source code of the trading platform on GitHub.<\/p>\n<p>The attack was, according to the exchange&#8217;s CEO, caused by information leakage. The BTC-Alpha security team is examining this version.<\/p>\n<div class=\"wp-block-text-wrappers-update-2 article_update\"><time class=\"gtb_text-wrappers_update_time\">3 November 2021 | 16:54<\/time><span class=\"gtb_text-wrappers_update_head\">Update: <\/span><\/p>\n<p>In a ForkLog comment, Vitaliy Bodnar clarified that the passwords were stolen in encrypted form, but the BTC-Alpha team nonetheless believes that all user passwords should be changed.<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;We do not store passwords in plaintext; none of the team members knows a user&#8217;s password,&#8221; he added.<\/p>\n<\/blockquote>\n<p>In the course of the investigation, the exchange team found that the attack detected on November 1 had been in preparation for a long time. On October 25, hackers had already compromised the computers of several BTC-Alpha employees. <\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;Employees were studied, their interests, connections, and level of access in the system. This was a symbiosis of attacks, ranging from phishing to backdoors and full control of hacked team members&#8217; computers,&#8221; Bodnar said.<\/p>\n<\/blockquote>\n<\/div>\n<p>At the time of writing, BTC-Alpha was undergoing maintenance. The team promises to resume operations soon.<\/p>\n<p>Earlier, in August, Bilaxy, Seychelles-based cryptocurrency exchange, reported a <a href=\"https:\/\/u1f987.com\/en\/news\/hacker-breach-hits-bilaxy-hot-wallets-exchange-cautions-users-to-refrain-from-deposits\">hot-wallets breach<\/a>. The amount of the loss was not disclosed.<\/p>\n<p>Read ForkLog&#8217;s bitcoin news on our <a href=\"https:\/\/telegram.me\/forklog\" target=\"_blank\" rel=\"nofollow noopener\">Telegram<\/a> \u2014 cryptocurrency news, prices and analysis.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A British exchange with Ukrainian roots, BTC-Alpha, came under a hacking attack. Password hashes of users were compromised, but funds were not touched. This was stated by the exchange&#8217;s CEO Vitaliy Bodnar.<\/p>\n","protected":false},"author":1,"featured_media":52276,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[2262,1166,1154,1188],"class_list":["post-52275","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-btc-alpha","tag-centralized-exchanges-cex","tag-crimes","tag-data-breach"],"aioseo_notices":[],"amp_enabled":true,"views":"18","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/52275","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=52275"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/52275\/revisions"}],"predecessor-version":[{"id":52277,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/52275\/revisions\/52277"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/52276"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=52275"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=52275"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=52275"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}