Poloniex Hot Wallets Hacked With $114M Seemingly Stolen: On-Chain Data

Poloniex investor Justin Sun confirmed the exploit, saying the exchange will reimburse affected users and offering a "white hat bounty" to the hacker.

AccessTimeIconNov 10, 2023 at 12:06 p.m. UTC
Updated Nov 10, 2023 at 4:26 p.m. UTC

Cryptocurrency exchange Poloniex has had its hot wallets drained by hackers with an estimated loss of around $114 million, several sets of on-chain data show.

A suspected hack was flagged at around 10:55 UTC by blockchain security firms PeckShield and Cyvers. Poloniex announced 12 minutes later that the exchange's wallet had been disabled for maintenance. The hack was later confirmed by Poloniex investor Justin Sun in a tweet.

  • Fed Sees Just One Rate Cut This Year; CRV Slides as Curve’s Founder Faces Liquidation Risk
    01:49
    Fed Sees Just One Rate Cut This Year; CRV Slides as Curve’s Founder Faces Liquidation Risk
  • What's Next for Bitcoin After Fed Predicts Just One Rate Cut for 2024
    00:50
    What's Next for Bitcoin After Fed Predicts Just One Rate Cut for 2024
  • Litecoin Creator Charlie Lee on Company Evolution
    09:05
    Litecoin Creator Charlie Lee on Company Evolution
  • U.S. CPI Returns Flat in May; Donald Trump Wants All Remaining Bitcoin to Be 'Made in USA'
    01:45
    U.S. CPI Returns Flat in May; Donald Trump Wants All Remaining Bitcoin to Be 'Made in USA'
  • Various wallets across multiple blockchains appear to have been targeted. Arkham data shows that an Ethereum wallet, now tagged as "Poloniex hacker," sent a total of $114 million worth of tokens from Poloniex in 357 transactions. A wallet on the Tron blockchain also sent around $42 million to various wallets.

    Poloniex is one of the longest-running crypto exchanges, having been founded in 2013. It was acquired by Circle in 2018 and later spun off to several investors including Justin Sun, who revealed that he was a part of the most recent acquisition in 2019.

    The exchange has facilitated $616 million worth of trading volume over the past 24 hours, its public reserves are not available to view, according to CoinMarketCap. That compares with $19.3 billion for market leader Binance and $3 billion for Coinbase (COIN), the only publicly traded exchange.

    Crypto exchanges are common targets for hackers. Two months ago HTX was hacked with a total of $8 million worth of ether (ETH) being drained; South Korean exchange Gdac lost $13 million in April and Deribit lost $28 million in a hot-wallet hack last November.

    On-chain data also show the Poloniex hacker bought $20 million worth of tron (TRX), pushing the token's price up by more than 25%.

    Blockchain analytics company Nansen reported that there were just 175 tokens left in Poloniex's wallet, worth a total of $10,000.

    "We are currently investigating the Poloniex hack incident," Sun tweeted. "Poloniex maintains a healthy financial position and will fully reimburse the affected funds. Additionally, we are exploring opportunities for collaboration with other exchanges to facilitate the recovery of these funds."

    Sun added that the exchange is offering a 5% white hat bounty to the hacker with a deadline of seven days before engaging with law enforcement.

    Sun posted on X (formerly Twitter) later Friday that Poloniex "successfully identified and frozen a portion of the assets associated with the hacker's addresses."

    "At present, the losses are within manageable limits, and Poloniex's operating revenue can cover these losses," he added.

    UPDATE (Nov. 10, 12:20 UTC): Updates amount stolen in headline, first paragraph, according to Arkham; adds Justin Sun white hat bounty offer in last paragraph.

    UPDATE (Nov. 10, 14:47 UTC): Adds details of Justin Sun's investment, Poloniex volume data and Nansen tweet.

    UPDATE (Nov. 10, 16:18 UTC): Adds Justin Sun's post about Poloniex having identified and frozen a portion of the stolen assets.

    Edited by Sheldon Reback.

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

    Oliver Knight

    Oliver Knight is a CoinDesk reporter based between London and Lisbon. He does not own any crypto.