Gatecoin

Gatecoin, a Hong Kong-based cryptocurrency exchange, suffered a significant breach between May 9 and May 12, 2016, resulting in the loss of 250 BTC and 185,000 ETH, valued at approximately $2 million USD. The attack, detailed in a statement by CEO Aurélien Menant and investigated by Tehtri Security, exploited a server reboot disruption, allowing hackers to reroute BTC and ETH deposits from multi-signature cold wallets to a vulnerable hot wallet, bypassing the exchange’s 5% hot wallet limit. Representing 15% of Gatecoin’s total crypto deposits, the theft—at Bitcoin’s price of roughly $450 and Ethereum’s $10 per coin per CoinGecko—prompted the exchange to suspend services on May 13 after detecting suspicious transactions. Blockchain addresses linked to the hackers were publicly listed, but no funds were reported recovered. Gatecoin, which emphasized segregated client accounts for fiat currencies (USD, EUR, HKD), ensured these remained secure and planned a new platform for withdrawals by May 28, though ETH withdrawal timelines stayed unclear. Amid 2016’s evolving regulatory landscape, Gatecoin sought additional funding to reimburse losses and collaborated with other exchanges to trace the culprits, maintaining transparency via Reddit and Twitter. The breach exposed flaws in wallet transfer protocols, spurring calls for enhanced multi-signature systems, real-time monitoring, and community-driven security standards to fortify trust in the cryptocurrency ecosystem.