Author | Qin Xiaofeng

Editor | Mandy Wang Mengdie

Produced | Odaily

Author | Qin XiaofengCryptoquantEditor | Mandy Wang Mengdie

Produced | Odaily

At 10 am Beijing time today, the on-chain data provider

The article stated that the encryption exchange Kucoin was suspected of being stolen.

As an established exchange, the news of Kucoin being stolen was immediately circulated in the community. In addition, some Kucoin users cannot withdraw coins, which increases the authenticity of the stolen news.

Why was Kucoin attacked and how much cryptocurrency was lost? What impact will these stolen funds have on the market? Can Kucoin bear the loss of users and avoid becoming the second "Mt.Gox"?

existCryptoquantsecondary title

(1) Event review: Hot wallet private key leaked

exist

After the release of the news, at 10:41, Kucoin officially issued an announcement saying: Since 3:00 Beijing time today, some large withdrawals have been detected, but did not explain the specific reason, whether it has been confirmed whether it was stolen.

Immediately afterwards, some users discovered that Kucoin had suspended deposits and withdrawals. The official customer service explained in the telegram group that it was only because of a system failure, and advised users that "in this case, you should not deposit or withdraw coins."Johnny Lyu What's happening here? The "ambiguous" explanation of the official customer service seems to add some credibility to the "stolen funds".

• However, although the withdrawal function was officially closed, some users still found that the Kucoin account was still transferring funds out. It was suspected that hackers transferred assets, which once again confirmed the possibility of theft and caused panic in the community.

• Two hours later, at 12:30 noon Beijing time, Kucoin CEO

• A live broadcast confirmed the authenticity of the theft, and provided a timetable of the incident (the following times are all Beijing time):

• At 02:51, the first alert was received from the risk management system, and it was detected that all abnormal transactions came from this wallet address: 0xeb31973e0febf3e3d7058234a5ebbae1ab4b8c23;

• At 03:01, an alert was received from the risk management system about abnormal hot wallet balances, and a special team was formed to deal with the incident.

• At 03:20, the KuCoin operation team shut down the wallet server urgently, and found that there were still abnormal transactions after the shutdown.

• At 04:20, the KuCoin wallet team started transferring the remaining assets from the hot wallet to cold storage.

At 04:25, the KuCoin wallet team, operation team and security team began to investigate the incident based on the collected information and clues.

At 04:40, the KuCoin team established a communication channel for important partners and market makers for this event.DecryptAt 04:50, the KuCoin wallet team transferred most of the remaining assets from the hot wallet to the cold wallet.

Johnny Lyu said that the main reason for the theft of assets was the leakage of the private key of the hot wallet, and the specific reason is still under investigation. In addition, the main currencies involved this time are BTC, ETH and some ERC20 tokens; as for the specific value, it is being liquidated and has not been announced yet, "the affected funds only account for a small part of the total assets."

According to reports, Kucoin's loss this time is around 150 million US dollars. According to the article, among the addresses marked as abnormal by Kucoin, a total of 11,486 ETH, 458,866 GLA, 28,443 HAT, 2,166,0273 OCEAN, and 29,999 CHR have been received since early this morning. In addition, there are a certain number of ARPA, AOA, MKR , OMG, ZRX, SXP and other tokens, with a cumulative value of 146 million US dollars.

So, will Kucoin compensate users who suffered losses in this security incident?

Johnny Lyu replied in the affirmative. “Since early 2018, Kucoin has established an insurance fund to deal with such unexpected security issues. If any user funds are affected by this incident, KuCoin and our insurance funds will fully cover them.”

secondary title

(2) CeFi joins forces to prevent hackers from money laundering

For those who have not experienced the incident, the most concerned thing is whether the stolen assets of Kucoin will affect the market.

Judging from the current situation, investors need not worry for the time being.

According to Johnny Lyu, after the incident, Kucoin immediately contacted several encryption platforms, requesting help to freeze the stolen funds, including Binance, Huobi, OKEx, Bybit, Upbit, Bibox, Gate, MXC, BitMax, BigONE, BKEX , BitZ, HBTCHoo, Crypto.com, Bingbon, Renrenbit, LBank, Max/Maicoin, CoinW, etc.

This morning, several exchanges including Matcha and Gate.io issued announcements to suspend the deposit and withdrawal of related stolen tokens. Thanks to this, the price of related tokens did not plummet, and the encryption market was not affected by the theft.Paolo Ardoino Paolo Ardoino, Chief Technology Officer of Bitfinex, issued a document stating that Bitfinex has frozen 13 million USDT on the EOS chain flowing out of the KuCoin exchange, and Tether has also frozen more than 20 million USDT on the Ethereum chain in the attack address.

As for why to help,

Explained: “Tether USDT is a centralized stablecoin like other stablecoins. We have responsibilities to users, regulators and law enforcement. We have strict rules and parameters for action.”

secondary title

(3) The safety alarm bell keeps ringing

In recent years, security incidents of centralized exchanges have occurred frequently.

In the past, more than 7,000 bitcoins were stolen from Binance. Recently, some encrypted assets were stolen from ZB.com due to technical failures. Today, the private key of Kucoin was lost.