Singapore-based cryptocurrency exchange KuCoin has experienced leakage of its private keys tied with its KuCoin hot wallets, which resulted in a hack of approximately USD 150 million worth of customer funds. The platform has temporarily suspended deposits and withdrawals from its platform, while the team claims its cold wallets remain unaffected, assured the exchange’s CEO Johnny Lyu.
Read the update here: KuCoin Hack Shows Key Difference Between Altcoins and Bitcoin
Per the official announcement, the security incident was first noticed Friday evening (UTC time), September 25, as its risk management systems monitored several abnormal transactions. The total value of lost funds is still being calculated, though looking at the on-chain transactions it is estimated to be around USD 150 million. The hackers have gone away with roughly USD 4 million worth of ether (ETH), and USD 146 million worth of other ERC-20 tokens plus a large amount of bitcoin (BTC).
(1/4) We detected some large withdrawals since Sep 26 at 03:05 UTC+8. According to the latest internal security audit report, part of BTC, ERC-20 and other tokens in KuCoin’s hot wallets were transferred out of the exchange, which contained few parts of our total assets holdings
— KUCOIN (@kucoincom) September 26, 2020
At 4:30 AM UTC on September 26, KuCoin Global CEO Johnny Lyu started a live stream to update concerned stakeholders on the incident and current state of things at KuCoin. He said that “Regarding this accident, we have made a conclusion that it is because someone (unclear) stole the private key of our hot wallet.” Besides, he assured KuCoin users that all the losses will be covered by KuCoin.
“All the loss will be covered by KuCoin risk provisions.”
You can rewatch the live stream here: