Bitcoin
$43,867.70+5.17%
Ethereum
$2,296.72+3.29%
Binance Coin
$232.45+2.07%
XRP
$0.62232667+0.43%
Solana
$62.01+2.46%
Cardano
$0.41730488+4.14%
Dogecoin
$0.09162743+3.43%
Tron
$0.10395359+0.58%
Chainlink
$15.84+1.24%
Avalanche
$24.14+11.88%
Polygon
$0.81331148+1.93%
Polkadot
$5.74+4.00%
PlayIconNav
Crypto Prices CoinDesk Market Index CoinDesk Market Index
Markets

Over $280M Drained in KuCoin Crypto Exchange Hack

KuCoin, a cryptocurrency exchange in Asia, disclosed it was hacked and plans on reimbursing or recovering stolen customer funds.

By Ada Hui, Wolfie Zhao
AccessTimeIconSep 26, 2020 at 6:42 a.m. UTC
Updated Sep 14, 2021 at 10:01 a.m. UTC
KuCoin

10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Roughly $281 million of an Asian cryptocurrency exchange’s funds have been compromised in a security breach.

The Singapore-headquartered digital asset exchange KuCoin said in a statement it detected large withdrawals of bitcoin (BTC) and ethereum (ETH) tokens to an unknown wallet beginning at 19:05 UTC on Friday. 

In a live stream on 4:30 UTC Saturday, KuCoin CEO Johnny Lyu said one or more hackers obtained the private keys to the exchange’s hot wallets. KuCoin transferred what was left in them to new hot wallets, abandoned the old ones and froze customer deposits and withdrawals, Lyu said.

KuCoin’s cold wallets were unaffected, Lyu claimed. Cold cryptocurrency wallets are not connected to the Internet and are considered more secure than hot cryptocurrency wallets. 

In an updated statement on its website, KuCoin released a list of BTC, bitcoin sv (BSV), ETH, litecoin (LTC), XRP, Stellar lumens (XLM), tron (TRX) and tether (USDT) wallet addresses where the stolen funds were transferred.

Two Ethereum wallets belonging to KuCoin have sent more than 11,480 ETH, which currently trades at a price of about $350, to the Ethereum wallet address associated with the hack, according to data from blockchain explorer Etherscan.

The Ethereum wallet address has also received over 150 Ethereum-based tokens worth more than $150 million from the two KuCoin Ethereum wallets, Etherscan’s data shows.

The other identified wallets have received exactly 14,713 BSV, 26,733 LTC, 18,495,798 XRP and 999,160 USDT, along with over 2,015 BTC at three addresses (one, two and three), 9,588,383 XLM and 199,038,936 TRX, according to blockchain explorers Blockchair and Tronscan.

The cryptocurrencies are trading at roughly $10,700 per BTC, $165 per BSV, $45 per LTC, $0.25 per XRP, $0.07 per XLM, $0.02 per TRX and $1 per USDT, as of writing.

Tether and several cryptocurrency assets and exchanges such as Bitfinex have blacklisted the wallet addresses, according to the updated statement.

Over 200 cryptocurrency assets trade on KuCoin with a combined daily average volume of around $100 million, ranking it as one of the busiest trading exchanges, according to the cryptocurrency data site CoinGecko.

The price of KuCoin’s exchange token KCS fell by 14% to $0.86 within an hour on Saturday as news of the security breach spread on social media. 

KuCoin is investigating the hack with international law enforcement and stolen customer money will be “covered completely” by an insurance fund, Lyu said in the livestream, though the exchange has since recovered about $204 million in stolen funds, Lyu informed users in a Tweet on Oct. 3.

UPDATE (Sept. 27, 2020, 1:00 UTC): Addresses and balances for cryptocurrency wallets associated with KuCoin’s hack have been added.
UPDATE (Oct. 8, 2020, 00:25 UTC): The amount of stolen cryptocurrency reflects two additional bitcoin wallet addresses and recovered assets

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is an award-winning media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. In November 2023, CoinDesk was acquired by Bullish group, owner of Bullish, a regulated, institutional digital assets exchange. Bullish group is majority owned by Block.one; both groups have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary, and an editorial committee, chaired by a former editor-in-chief of The Wall Street Journal, is being formed to support journalistic integrity.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.

Read more about
ExchangesHackKuCoin