Poloniex, a well-established centralized cryptocurrency exchange, has seemingly suffered a security breach affecting one of its primary wallets, tagged by Ethereum blockchain explorer Etherscan as “Poloniex 4.” The theft is marked by suspicious outflows of over $60 million.
According to data from the Ethereum blockchain, Poloniex’s wallet has seen a massive outflow in various cryptocurrencies to an address now tagged as “Poloniex Hacker 1.” Data from that wallet suggests the hacker siphoned over $63 million from Poloniex onto their wallets, but new outflows are being monitored.
Poloniex has moved to temporarily disable the compromised wallet and started to conduct maintenance in a bid to prevent further unauthorized transactions. The cryptocurrency trading platform has said it will update users on the situation in the near future.
The security breach was seemingly first spotted by crypto security firm Peckshield, which on social media asked the exchange to look into outflows from its Poloniex 4 wallet.
Poloniex has been a key player in the crypto exchange market since its inception in 2014. The platform underwent a significant change in ownership over time, first being sold to Circle in 2018 for a reported $400 million, before it was in 2019 when acquired by Justin Sun, the founder of the cryptocurrency platform Tron.
On the microblogging platform X (formerly known as Twitter), Sun noted that the incident is being investigated and added that Poloniex “maintains a healthy financial position and will fully reimburse the affected funds.”
Sun added that Poloniex is “exploring opportunities for collaboration with other exchanges to facilitate the recovery of these funds.”
Notably, the price of TRON’s native token TRX surged over 8% after the cryptocurrency exchange hack was revealed.
The hacker, according to various users on social media, has started using some of the hacked funds to create a short squeeze on the price of TRX, leading to the price surge. The hacker still has millions worth of TRX.
UPDATE: Sun has since offered the hacker a bug bounty reward of 5% of the stolen funds, giving them seven days to consider the offer before engaging with law enforcement.
Featured image via Pixabay.