KuCoin’s Hot Wallet Private Keys Stolen, Estimated $150 Million in Damages

Key Takeaways

  • Private user data is unaffected, according to KuCoin CEO, Johhny Lyu.
  • The KuCoin team is working with other top exchanges to blacklist the hackers’ funds.

Share this article

KuCoin exchange reported a security breach at 04:50 AM (UTC+8) this Saturday. The time of the announcement coincided with the completion of the security operations necessary to limit the damages. 

By this time, however, it was too late as the exchange had already lost a confirmed $150 million in assets.

The KuCoin security team noticed the breach and abnormal transactions two hours prior, at 02:51 AM, thinking it would be easy to solve. However, after shutting down the servers, they noticed that assets kept flowing outward, indicating that their hot wallet’s private key had been compromised. 

The attacker’s wallet transaction history shows that they successfully executed more than 500 ETH and ERC-20 transactions before KuCoin’s security drained the remaining assets. The attackers had approximately seven hours before the security team reacted. 

The attackers are still trying to execute transactions at the time of press, but the USDT smart contract blacklisted the associated wallet. The KuCoin CEO added that:

“We are in contact with many major crypto exchanges such as Huobi, Binance, OKEx, BitMax and Bybit, as well as blockchain projects, security agencies, and law enforcement to work on this. Some effective measures have been taken, and we will update with more details soon.”

The latest KuCoin security update contains detailed information regarding the events’ timeline, affected assets, and answers to community questions. This is the first time KuCoin has been hacked, and they have said that they will return all assets to the users through their insurance fund. 

It is unclear whether the funds were insured by a third-party or if this is an internal fund developed for these types of events. 

Share this article

The information on or accessed through this website is obtained from independent sources we believe to be accurate and reliable, but Decentral Media, Inc. makes no representation or warranty as to the timeliness, completeness, or accuracy of any information on or accessed through this website. Decentral Media, Inc. is not an investment advisor. We do not give personalized investment advice or other financial advice. The information on this website is subject to change without notice. Some or all of the information on this website may become outdated, or it may be or become incomplete or inaccurate. We may, but are not obligated to, update any outdated, incomplete, or inaccurate information.

You should never make an investment decision on an ICO, IEO, or other investment based on the information on this website, and you should never interpret or otherwise rely on any of the information on this website as investment advice. We strongly recommend that you consult a licensed investment advisor or other qualified financial professional if you are seeking investment advice on an ICO, IEO, or other investment. We do not accept compensation in any form for analyzing or reporting on any ICO, IEO, cryptocurrency, currency, tokenized sales, securities, or commodities.

See full terms and conditions.

Source: Read Full Article