KuCoin: User Funds Will Be ‘Covered Completely’ after Friday’s $150M+ Hack

KuCoin, a digital asset exchange based in Singapore, announced that at least $150 million worth of Bitcoin Bitcoin While some may still be wondering what is Bitcoin, who created Bitcoin, or how does Bitcoin work, one thing is certain: Bitcoin has changed the world.No one can remain indifferent to this revolutionary, decentralized, digital asset nor to its blockchain technology.In fact, we’ve gone a long way ever since a Florida resident Laszlo Hanyecz made BTC’s first official commercial transaction with a real company by trading 10,000 Bitcoins for 2 pizzas at his local Papa John’s.One could now argue that While some may still be wondering what is Bitcoin, who created Bitcoin, or how does Bitcoin work, one thing is certain: Bitcoin has changed the world.No one can remain indifferent to this revolutionary, decentralized, digital asset nor to its blockchain technology.In fact, we’ve gone a long way ever since a Florida resident Laszlo Hanyecz made BTC’s first official commercial transaction with a real company by trading 10,000 Bitcoins for 2 pizzas at his local Papa John’s.One could now argue that Read this Term and other cryptocurrency tokens has been withdrawn from its hot wallets into an unknown wallet. In other words, KuCoin was hacked.

A statement put out by the exchange says that the attack began on Friday, September 26th around 19:05 UTC. While the exact amount of funds stolen is unknown, CoinDesk reported that an Ethereum Ethereum Ethereum is an open source, blockchain-based distributed computing platform and operating system featuring smart contract functionality. Created in 2014, Ethereum now stands as the second largest cryptocurrency by market cap at the time of writing.As a decentralized cryptocurrency network and software platform, Ethereum represents the most prominent altcoin. Ethereum also enables the creation Distributed Applications, or dapps. Understanding EthereumEthereum boasts its own programming language, Ethereum is an open source, blockchain-based distributed computing platform and operating system featuring smart contract functionality. Created in 2014, Ethereum now stands as the second largest cryptocurrency by market cap at the time of writing.As a decentralized cryptocurrency network and software platform, Ethereum represents the most prominent altcoin. Ethereum also enables the creation Distributed Applications, or dapps. Understanding EthereumEthereum boasts its own programming language, Read this Term address linked to the hacker has “received over 150 Ethereum-based tokens worth more than $150 million.”

KuCoin says that the incident is being investigated by law enforcement and that users will not lose their funds: “rest assured, if any user fund is affected by this incident, it will be covered completely by KuCoin and our insurance fund,” a statement said.

What Happened?

In a livestream on Saturday, KuCoin chief executive, Johnny Lyu said that hackers had managed to obtain the private keys of the exchange’s hot wallets. However, as soon as the exchange saw that the withdrawals were happening, the remaining funds were transferred into new hot wallets and the old ones were abandoned.

The exchange said in a statement that “the assets in our cold wallets are safe and unharmed, and hot wallets have been re-deployed.”

KuCoin has posted a list of the addresses where some of the stolen funds were transferred, including addresses for BTC, bitcoin SV (BSV), ETH, LTC, XRP, Stellar Lumens (XLM), Tron (TRX) and Tether (USDT) wallets.

Using data from Blockchair and Tronscan, CoinDesk also found that other wallets linked to the crime have received:

• 14,713 BSV, 26,733 LTC
• 18,495,798 XRP
• 999,160 USDT
• over 1,008 BTC
• 9,588,383 XLM
• 199,038,936 TRX

Since the hack, KuCoin has been working with cryptocurrency issuers and exchanges to stop the movement of the stolen coins.

For example, a statement by KuCoin says that “Bitfinex CTO, Paolo Ardoino confirmed that Tether has successfully frozen a total of 22 million USDT tokens (about $22 million).”

Similarly, KuCoin said that Velo Labs (VELO) will “re-deploy and replace” each of the VELO tokens that were taken from the exchange. Covesting (COV), Silent Notary (SNTR), and VIDT_Datalink (VIDT) have said that they will take action to freeze and/or re-issue the stolen funds.

Additionally, Ampleforth (AMPL) tweeted that "a contract upgrade was quickly deployed to disable transfers from the attacker."

On Sep 25th, KuCoin Exchange was temporarily compromised and over $150M across various tokens were stolen. Included in this amount were 14M AMPL, accounting for about 10% of the circulating supply.

A contract upgrade was quickly deployed to disable transfers from the attacker.

— Ampleforth #AMPL (@AmpleforthOrg) September 27, 2020

With a daily average trading volume of roughly $100 million, KuCoin is one of the world’s largest cryptocurrency exchanges. The value of KuCoin tokens (KCS) fell by roughly 14% within one hour of the news of the hack breaking on Saturday, hitting $0.86. At press time, data from CoinMarketCap showed that the price had fallen to $0.83.