On September 26, a large number of abnormal token withdrawals occurred in the hot wallet of Singapore-based cryptocurrency exchange KuCoin, the total amount of token worth $150 million.
Cryptocurrency exchanges like KuCoin use hot wallets as their temporary storage systems for assets that are currently being exchanged on the platform, and they are used to power conversion operations and funds transfers.
Later, KuCoin officially announced that the total amount involved accounted for a relatively low proportion of the total amount of assets held in KuCoin, and the assets in KuCoin’s cold wallet were safe. Meanwhile, KuCoin suspended the withdrawal and deployed the hot wallet again.
In a live stream, KuCoin CEO Johnny Lyu said that one or more hackers obtained the private keys to the exchange’s hot wallets. KuCoin transferred what was left in them to new hot wallets, abandoned the old ones and froze customer deposits and withdrawals, Lyu said.
He also mentioned that the platform will gradually open the recharge and withdrawal within a week. In this event, the loss of users, currency and its insurance fund will be borne by KuCoin.
Hackers transferred the hacked assets in a large scale after stealing. Different from previous hackers’ continuous splitting of assets and trying to launder money in various ways, this time, the hacker transferred assets to major exchanges in batches.
Chinese crypto exchanges like MXC quickly froze 11000 usdt flowing into the platform, Bitfinex froze 13 million usdt on the EOS chain, and Tether also directly freezing more than 20 million ERC-20 usdt in the hackers’ addresses involved. In addition, Binance also froze the crypto assets involved.
The Chainmap monitoring system found that by 5:00 p.m. UTC time, ERC-20 tokens stolen from the KuCoin exchange had made a profit of about 266 ETH through Uniswap trading. According to SXWK, a blockchain security expert from Chainsguard, three ERC-20 tokens, namely, OCEAN, ORN and KAI, were transferred from the address involved in the case today. Some of them were distributed to three addresses after jumping from the intermediate address. Currently, OCEAN has been traded through Uniswap.
SXWK said that trading through DEX seems to evade the regulatory measures of the CEX, but it is a coin-coin transaction after all, and there is still a subsequent disposal problem for the ETH obtained from the transaction. After the transaction, the hacker transferred 118.6 eth to a new address.