Nexo

We’re Giving out 10 BTC in Rewards until the Bitcoin Halving

Learn More

KuCoin’s Hot Wallet Private Keys Stolen, Estimated $150 Million in Damages

The Singapore-based crypto exchange has briefly shuttered operations, disabling withdrawals for users.

KuCoin’s Hot Wallet Private Keys Stolen, Estimated $150 Million in Damages
Shutterstock cover by wk1003mike

Key Takeaways

  • Private user data is unaffected, according to KuCoin CEO, Johhny Lyu.
  • The KuCoin team is working with other top exchanges to blacklist the hackers’ funds.

Share this article

KuCoin exchange reported a security breach at 04:50 AM (UTC+8) this Saturday. The time of the announcement coincided with the completion of the security operations necessary to limit the damages. 

By this time, however, it was too late as the exchange had already lost a confirmed $150 million in assets.

The KuCoin security team noticed the breach and abnormal transactions two hours prior, at 02:51 AM, thinking it would be easy to solve. However, after shutting down the servers, they noticed that assets kept flowing outward, indicating that their hot wallet’s private key had been compromised. 

The attacker’s wallet transaction history shows that they successfully executed more than 500 ETH and ERC-20 transactions before KuCoin’s security drained the remaining assets. The attackers had approximately seven hours before the security team reacted. 

The attackers are still trying to execute transactions at the time of press, but the USDT smart contract blacklisted the associated wallet. The KuCoin CEO added that:

“We are in contact with many major crypto exchanges such as Huobi, Binance, OKEx, BitMax and Bybit, as well as blockchain projects, security agencies, and law enforcement to work on this. Some effective measures have been taken, and we will update with more details soon.”

The latest KuCoin security update contains detailed information regarding the events’ timeline, affected assets, and answers to community questions. This is the first time KuCoin has been hacked, and they have said that they will return all assets to the users through their insurance fund. 

It is unclear whether the funds were insured by a third-party or if this is an internal fund developed for these types of events. 

Share this article

Loading...