On Saturday (September 26), Singapore-based crypto exchange KuCoin suffered a security breach, as the result of which a part of the cryptoassets in the exchange’s hot wallets were stolen.
According to KuCoin Global CEO Johnny Lyu, who hosted a live stream that started at 04:30 UTC on September 26, here are some important details about this security incident:
- Bitcoin, ERC-20 and some other cryptoassets in KuCoin’s hot wallets were “transferred out of the exchange”; these represented a small portion of the exchange’s total cryptoasset holdings (since the vast majority reside in cold wallets, which have not been harmed in any way).
- KuCoin’s hot wallets have been “re-deployed”.
- The exchange’s security team first finds out about the attack at 02:51 AM (UTC+8) on September 26 when they get alerted by the risk management system for the first time that an “abnormal” ETH transaction (with TXID 0x4b738df5d7f12e3fa1cbe83b8165c542da461ef0c9255fc1a3f275259a92623b) has occurred.
- They then find out about a few more abnormal transactions from an ETH hot wallet with the address 0xeb31973e0febf3e3d7058234a5ebbae1ab4b8c23.
- At 03:20 AM (UTC+8) on September 26, the KuCoin operations team “urgently closed the server of the wallet and found that after the shutdown, there were still cases of abnormal transactions.”
- At 04:20 AM (UTC+8) on September 26, the KuCoin wallet team “started to transfer the remaining assets from the hot wallet to cold storage.”
- At 04:50 AM (UTC+8) on September 26, the KuCoin wallet team “transferred most of the remaining assets from the hot wallet to cold storage.”
- KuCoin has reached to various other exchanges (including Binance, Huobi, OKEx, Bybit, and Upbit) to “blocklist suspicious addresses and trace the funds affected.”
- KuCoin has also been in contact with “international law enforcement,” and is offering “rewards of up to $100,000 to those who can provide valid information to us regarding this incident.”
- This loss occurred due to “the leakage of the private key of KuCoin hot wallets.”
- The deposit and withdrawal functionality is expected to be restored within one week.
- KuCoin’s insurance fund is large enough to cover the losses.