Over $280M Drained in KuCoin Crypto Exchange Hack
KuCoin, a cryptocurrency exchange in Asia, disclosed it was hacked and plans on reimbursing or recovering stolen customer funds.
Roughly $281 million of an Asian cryptocurrency exchange’s funds have been compromised in a security breach.
In a live stream on 4:30 UTC Saturday, KuCoin CEO Johnny Lyu said one or more hackers obtained the private keys to the exchange’s hot wallets. KuCoin transferred what was left in them to new hot wallets, abandoned the old ones and froze customer deposits and withdrawals, Lyu said.
KuCoin’s cold wallets were unaffected, Lyu claimed. Cold cryptocurrency wallets are not connected to the Internet and are considered more secure than hot cryptocurrency wallets.
In an updated statement on its website, KuCoin released a list of BTC, bitcoin sv (BSV), ETH, litecoin (LTC), XRP, Stellar lumens (XLM), tron (TRX) and tether (USDT) wallet addresses where the stolen funds were transferred.
Two Ethereum wallets belonging to KuCoin have sent more than 11,480 ETH, which currently trades at a price of about $350, to the Ethereum wallet address associated with the hack, according to data from blockchain explorer Etherscan.
The Ethereum wallet address has also received over 150 Ethereum-based tokens worth more than $150 million from the two KuCoin Ethereum wallets, Etherscan’s data shows.
The other identified wallets have received exactly 14,713 BSV, 26,733 LTC, 18,495,798 XRP and 999,160 USDT, along with over 2,015 BTC at three addresses (one, two and three), 9,588,383 XLM and 199,038,936 TRX, according to blockchain explorers Blockchair and Tronscan.
The cryptocurrencies are trading at roughly $10,700 per BTC, $165 per BSV, $45 per LTC, $0.25 per XRP, $0.07 per XLM, $0.02 per TRX and $1 per USDT, as of writing.
Tether and several cryptocurrency assets and exchanges such as Bitfinex have blacklisted the wallet addresses, according to the updated statement.
Over 200 cryptocurrency assets trade on KuCoin with a combined daily average volume of around $100 million, ranking it as one of the busiest trading exchanges, according to the cryptocurrency data site CoinGecko.
The price of KuCoin’s exchange token KCS fell by 14% to $0.86 within an hour on Saturday as news of the security breach spread on social media.
KuCoin is investigating the hack with international law enforcement and stolen customer money will be “covered completely” by an insurance fund, Lyu said in the livestream, though the exchange has since recovered about $204 million in stolen funds, Lyu informed users in a Tweet on Oct. 3.
UPDATE (Sept. 27, 2020, 1:00 UTC): Addresses and balances for cryptocurrency wallets associated with KuCoin’s hack have been added.
UPDATE (Oct. 8, 2020, 00:25 UTC): The amount of stolen cryptocurrency reflects two additional bitcoin wallet addresses and recovered assets
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.