October 2014 – Mintpal Hack

Mintpal was founded in February 2014, aiming to provide an exchange that combined high level user experience with quick support times. The plan was to add crypto assets monthly based on their popularity. Mintpal quickly grew and became quite a popular altcoin exchange.
Unfortunately, Mintpal faced a major hack on the 13th of July, causing 8,000,000 Vericoin being stolen (value $2,000,000), which was about 30% of the circulating supply at the time. The exchange had kept their Vericoin on a “hot” wallet (an online, internet-connected wallet), which is much more vulnerable.
Interestingly enough, the Bitcoin and Litecoin wallets were also targeted for the Mintpal hack. This turned out unsuccessful. The exchange had wisely decided to move these to a “cold” wallet (an offline wallet).
Soon after this first hack, Mintpal was sold to a different company most commonly known as Moolah (officially: Moopay LTD). Alex Green, the CEO of Moolah, stated that it acquired Mintpay to function as the primary altcoin trading platform for his company.
It sadly did not take long till a new issue emerged. In the month of October, well over 3,700 Bitcoins went missing. Unlike the previous hack, the reason for this loss seems to come from having entrusted a malicious individual – Moolah’s CEO Alex Green is accused of having stolen almost $1,500,000 from Mintpal clients. A criminal investigation has been started last year.

Transactions Rolled Back

To save both Vericoin and MintPal, the coin’s developers stepped forward and decided to implement a radical solution. The blockchain would be rolled back to a point before the attack, meaning that all transactions that took place afterward would be erased from history. The move was praised by some, but also condemned by others. Litecoin-founder Charlie Lee argued that the rollback should never have taken place according to his views on the responsibilities of a developer: “As developers of a decentralized crypto-currency, it is our duty to make sure that the network is secure and that Litecoin functions well as a easy-to-use and efficient currency. It is not in our rights to decide which coins belong to whom..”

About MintPal

MintPal Limited was a UK based private company (registered UK company #09009856) that focused on the exchanging of cryptocurrencies. Launched in early 2014, the team aimed to provide the best user experience matched with quick support times.

Their team was made up of talented developers and network engineers who knew how to build a fast, efficient and secure system that takes advantage of the latest web technologies.

MintPal’s Objectives:

  • A secure and reliable trading environment.
  • A fast matching engine that executes trades within milliseconds.
  • The latest market data available to all users as fast as possible.
  • A highly scalable architecture that can handle spikes of activity.
  • An appealing and responsive user interface that is easy to use.
  • Fast support responses, typically within 24 hours.

MintPal’s Architecture:

  • Full DDoS protection with a leading provider
  • CDN Caching for all static content
  • Distributed wallets and Hot/Cold wallets
  • Tiered design from day 1 to improve scalability
  • Push instead of pull to deliver all market updates as fast as possible
  • 2 Factor Authentication as standard for all staff

April 2013 – Silk Road Hack

October 2014 – KipCoin Hack