Reading time for the article: 2 minutes Compact: The Bitcoin exchange Kucoin was hacked last night. The damage is estimated at around 150 million US dollars. The exact amount of damage is still unclear. The year 2020 was comparatively quiet when it came to spectacular thefts and burglaries on stock exchanges. But that changed suddenly a few hours ago. Because Kucoin has been confirmed to have been hacked, so far it looks like the hot wallet has been the target of a hack and has been emptied. 11,480 ETH seem to have been stolen and a large number of various tokens. The alleged address of the hacker holds more than 150 million US dollars in ETH and tokens on the Ethereum blockchain alone. The exact amount of damage has not yet been confirmed by the exchange. A Analysis of CryptoQuant suggests that maybe 1,000 bitcoins have also been stolen. The rapid flow of BTC, which then abruptly dropped to zero and has remained there ever since, is a strong indicator. This pattern was also seen with other hacks.
Cold storage supposedly safe
According to previous statements by the exchange, the cold wallet remained secure at all times. It can therefore be assumed that only a comparatively small part was stolen. But this is quite tough, because if the amount of damage is confirmed, this would be one of the biggest hacks. The exact process is still being reconstructed and investigating authorities have been called in. On September 26th at 3 a.m. local time, unusual internal activities were discovered and it was found that high transactions had been started from the hot wallet. As a consequence, the corresponding server was deactivated, thereby paralyzing the ability for customers to deposit or withdraw crypto currencies. However, when this was unsuccessful and the transactions continued, the remaining deposits were quickly transferred to a secure address.
Kucoin wants to compensate customers
So far, the exchange has emphasized that the loss is only a fraction that can be easily compensated. Accordingly, you want to pay for any damage, so all customer deposits are covered. Still, this is little consolation because the case confirms once again that only self-detention is a viable option and that third parties cannot be trusted.