VERDICT —OUT OF SCOPE
Root cause is infrastructure (DNS / cloud / database / third-party API) compromise, not on-chain contract logic. Pre-deployment source review would not surface this; coverage lives in cloud-security + supply-chain audit, separate discipline.
▰ METHOD
INFRASTRUCTURE
INFRASTRUCTURE
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
KipCoin announced that the attacker gained access to the server in 2014 and downloaded the wallet.dat file. A few months later, the attacker stole more than 3,000 BTC. Attack method (per SlowMist): Server is hacked. Reported loss: 3,000 BTC.
Primary source
https://www.newsbtc.com/news/chinese-bitcoin-exchange-kipcoin-shuts-claims-losing-3000-btc-hackers/ ↗Sourced from
slowmist
Technical record
- chain
- —
- protocol
- KipCoin
- bug_class
- infrastructure
- date_occurred
- 2015-02-18
- loss_usd
- —
- source_id
- sm:kipcoin::2015-02-18
Related — same bug class· infrastructure