Users of Cryptopia.nz have been reporting failed login attempts on the altcoin exchange over the past few days. Cryptopia is a smaller exchange, 50th by volume according to coinmarketcap, but it features a lot of lesser-known coins that have a small market cap and might be worth a gamble for a lot of investors.

For the past few days, users on Twitter (see: 1, 2, 3) and on the exchange’s Reddit page have been complaining that they get failed login attempts from countries that are known for phishing scams.

Some users have speculated that hackers might have access to usernames via the Cryptopia referral link: when you refer someone online, you give out your username in the link, so people might collect those usernames and try to gain access to the accounts by guessing the password. Putting the username in the link seems to be terrible opsec from an exchange, considering that most referral links from exchanges and services contain randomly generated characters instead. Referral links don’t seem to be the source here though, because some affected users have already responded that they never used the referral feature.
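The two referral-link styles contrasted above, as an added example that is not Cryptopia's code: one link carries the login name, the other carries a random code that only the server can map back to a user. The host `exchange.example`, the `referrer` and `ref` parameters, and all function and class names are assumptions made for illustration.

```python
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

BASE = "https://exchange.example/register"  # placeholder host, not a real exchange


def username_link(username):
    """Weak pattern: the login name itself is the referral parameter."""
    return f"{BASE}?{urlencode({'referrer': username})}"


class ReferralRegistry:
    """Opaque pattern: a random code in the link, mapped to the user server-side."""

    def __init__(self):
        self._code_to_user = {}
        self._user_to_code = {}

    def link_for(self, username):
        code = self._user_to_code.get(username)
        if code is None:
            code = secrets.token_urlsafe(12)      # 96 bits from the OS CSPRNG
            while code in self._code_to_user:     # regenerate on an (unlikely) collision
                code = secrets.token_urlsafe(12)
            self._code_to_user[code] = username
            self._user_to_code[username] = code
        return f"{BASE}?{urlencode({'ref': code})}"

    def resolve(self, link):
        """Server-side lookup: credit the referrer without exposing the login name."""
        code = parse_qs(urlparse(link).query).get("ref", [""])[0]
        return self._code_to_user.get(code)


def exposed_logins(links, login_names):
    """Audit: which login names appear verbatim as a query value in public links."""
    names, found = set(login_names), set()
    for link in links:
        for values in parse_qs(urlparse(link).query).values():
            found.update(v for v in values if v in names)
    return found


USERS = ["alice_trader", "bob.hodl"]              # constructed sample accounts
registry = ReferralRegistry()
weak_links = [username_link(u) for u in USERS]
opaque_links = [registry.link_for(u) for u in USERS]

if __name__ == "__main__":
    print("weak:  ", sorted(exposed_logins(weak_links, USERS)))
    print("opaque:", sorted(exposed_logins(opaque_links, USERS)))
```

Running the same audit over both sets of links shows every login name recoverable from the username-based links and none from the opaque ones, while the server can still resolve each opaque link to its referrer.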

The next logical guess would be that the usernames have somehow been leaked from Cryptopia. Either way this is bad for the customers of the exchange: they are now locked out of the service, because the failed login attempts result in account lockdowns, and the exchange might not have the manpower to manually override the settings of all the affected accounts.

Those who had 2FA enabled should have no problem with the security of their accounts as the hackers seem to lack any valuable information except usernames.

There has been no official word from Cryptopia yet, but you can follow their Twitter for potential future information.

Update: One of our authors is locked out as well. It’s a relatively fresh email address that’s not in the database of https://haveibeenpwned.com/. This of course doesn’t prove that it has been a leak from their site or a different one, but so far we didn’t get any news of different exchanges being targeted by these attempts.