- Liquid exchange has confirmed that its hot wallets have been compromised and users’ accounts put at risk.
- Kucoin has responded by blacklisting hacker’s addresses, a swift action that could leave the hacker unable to transfer and/or spend the tokens.
As the dust settles on the DeFi hack just a few weeks ago, another hack has hit the crypto industry. This time, a more traditional crypto exchange hack. According to a tweet sent out by the Japanese exchange Liquid, its hot wallets have been compromised in the last few hours. With this, about $80 million is hanging in the balance. For now, the exchange has suspended deposits and withdrawals while it investigates the breach.
The crypto-fiat exchange platform has been clear in its notice that it is the hot wallets that were compromised. This suggests that all the tokens in the cold wallets remain safe. It has further identified the hacker’s addresses.
The following assets had been transferred to hacker's following addresses (Further investigation to come):
BTC: 1Fx1bhbCwp5LU2gHxfRNiSHi1QSHwZLf7q
ETH/EWT: 0x5578840aae68682a9779623fa9e8714802b59946
TRX: TSpcue3bDfZNTP1CutrRrDxRPeEvWhuXbp
XRP: rfapBqj7rUkGju7oHTwBwhEyXgwkEM4yby— Liquid Global Official (@Liquid_Global) August 19, 2021
Although the exchange has not confirmed how much has been withdrawn to these addresses, reports indicate the addresses have standing balances of 107 BTC, 9,000,000 TRX, 11,000,000 XRP, and almost $60 million worth of ETH and ERC-20 tokens. With investigations currently ongoing, the team is expected to confirm the total withdrawal in the next few hours or days.
Liquid hacker(s) blacklisted
In support of Liquid and condemnation of the hacker, Kucoin has confirmed that it has blacklisted the identified addresses. This was confirmed by the exchange CEO shortly after the news of the breach was confirmed. Such swift action means that the hackers will be unable to transfer and spend the coins.
We are aware of the #LiquidGlobal security incident, and the hacker's addresses have been added to the blacklist of #KuCoin. Hope everything is OK. 🙏 https://t.co/IasscGItZH
— Johnny_KuCoin (@lyu_johnny) August 19, 2021
Speaking to CNF, John LaCour, founder and CTO of PhishLabs noted that the current trend is not surprising as hackers have continued their level of awareness and understanding of the various platforms in the space. He further highlighted the changing trend where hackers are able to identify potential weaknesses in different platforms.
Hackers previously used cryptocurrencies simply for ransomware payments, but now a number of things have changed. In leveraging cryptocurrency for ransomware payments, hackers have had to educate themselves on these systems, giving them a level of awareness and understanding of the various platforms in the space, the security controls they do or don’t have in place, and their potential weaknesses.