Crypto Exchange KuCoin mega hack, $150M+ worth token stolen


KuCoin’s CEO Johnny Lyu confirmed a mega hack attack on 26th September 2020. KuCoin is located in Singapore and It is the 16th largest cryptocurrency exchange in the world. The hack impacted Bitcoin, Ether, and also ERC20 hot wallets after secret keys leaked. Some Reports also estimates that violation empties around $150+ million in user funds. Cryptocurrency exchange security breach has traditionally provided a route to market-wide sell-offs due to the concern that Crypto-Stealer could potentially sell tokens. But Tether has responded quickly to halt the transfer of tokens linked to the breach of security.

Cryptocurrency exchange KuCoin’s $150+ million hack

In recent years, Money Laundering Risks are increasing with DeFi (Decentralized Finance) projects. KuCoin’s mega hack is the best example. The company reported that the threat actor compromised their infrastructure and drained all the funds of their hot storage wallets. Hot wallets are described as cryptocurrency management applications linking to the internet. Cold wallets are offline storage for crypto tokens. Cryptocurrency exchanges use hot wallets as their primary temp storage for assets currently being on their platform. They are also using temp storage t to power conversion operations and pass funds.

KuCoin said that after noticing some big withdrawals from their hot wallets on 26th Sept, they had detected the hack. After that company started a security evaluation and finding the missing tokens. Also, the company said the attackers were able to steal Bitcoins, ERC-20 tokens, with other different types of crypto tokens.

The loss is estimated at over $150 million, based on some of the stolen funds. KuCoin also mentioned in a post that funds will be Covered Completely, who have lost funds in the hack using cold wallets. Some withdrawals and deposits are still in halt as the company’s security staff investigating the incident. you can find more latest details about the security incident and a list of addresses where stolen funds transferred here.

KuCoin contacts big crypto exchanges to freeze $33M worth tokens

According to Bitfinex CTO Paolo and Tether, the two companies frozen transaction of a total of $33 million worth tokens. If early figures are correct and over $150M has been hacked, that is 22 percent of the money lost. Lyu said that KuCoin is now in touch with Huobi, Binance, OKEx, BitMax, ByBit, and other crypto exchanges. The company also confirms that it cooperates with the law enforcement authorities and the related blockchain initiatives. Although a less amount of stolen funds is in Bitcoin, but most of them are probably stored as ERC-20 coins. But as per the founding partner Wan Dovey, attackers were struggling to manage the contaminated funds.

Bitcoin stays steady above $10,700 even after the hack

Bitcoin has seen a short-term trend reversal on the same day as the hack. Cointelegraph announced that after the recent BTC rally, whale clusters increased by $10,407 to more than $10k. The report data shows that big players have raised more than $10k, showing a high overall market view. The durability of Bitcoin after a high-profile security breach illustrates the power of the uptrend.

In Short

Kucoin is the 16th largest volume crypto exchange in the world, according to Coinmarketcap numbers. KuCoin shut down their server after it notices the money moving from their hot wallets. The intervention failed because the private hot wallet passwords were already destroyed. Kucoin then modified the unaffected funds to a new address. The Company mentioned in a post that affected user’s funds will be Covered Completely.

KuCoin resumed its withdrawal and deposit services for SUSD, FORESTPLUS, SOLVE, SNT, and MTN from yesterday. KuCoin is now busy working on the blockchain ventures. It is also busy working on cryptocurrency ventures that have obtained stolen funds, tracking, blocking, and even forking related assets to reduce losses.

1 Comment

Leave a Reply

Your "email address" will not be published. Fields which required below are marked as *