Kucoin hacked

[The Sceptical Chymist]

"Please rest assured that if any user fund is affected by this incident, it will be covered completely by KuCoin and our insurance fund."
https://www.kucoin.com/news/en-kucoin-security-incident-update

Well, that's good as long as it's true.  The announcement was vague as to how much was stolen, but I get the feeling it's not a huge amount--hopefully.  It certainly doesn't sound like it was a hack big enough to bankrupt Kucoin, and that's a good thing.  They're the only exchange I ever bother using when I buy altcoins.

As to the inside job rumors being posted, who knows.  I guess that's always a possibility, but I'm not sure how many previous "hacks" on exchanges have turned out to be perpetrated by exchange insiders.  You would think that these businesses would have figured out how to keep their funds secure by now, but obviously that isn't the case.

according to the "suspicious" addresses published by kucoin, the total losses are in the realm of $193 million! https://decrypt.co/43036/kucoin-hack-closer-to-200-million-as-team-releases-more-suspicious-addresses

Oh shit!  I didn't read your post until I was going to quote another one.  If Kucoin got hacked for $193m, that's pretty damn significant.  I'll be keeping a close eye on this story.

"Not your keys, not your coins."

Damn straight, and I'm glad I didn't have any funds on Kucoin (though I don't think I would have been affected by this anyway) at the time of the hack.  They might recover from this just fine, but as a general rule those words are what every newbie in crypto should learn before anything else.

[Mahanton]

There's no such place as a safe-haven and for those people who've been keeping on patronizing exchange platforms as a form of wallet of their coins then they would already have the doubts starting now.Excluding those big hacks that made platforms closed its doors .. We already had Binance and now Kucoin who experience hacking incident but they arent running from the incident but instead they do pay up on what they had lost.

Damn straight, and I'm glad I didn't have any funds on Kucoin (though I don't think I would have been affected by this anyway) at the time of the hack.  They might recover from this just fine, but as a general rule those words are what every newbie in crypto should learn before anything else.

As long the number of users on consistent manner then they would able to get those on what they have lost on a period of time but time will tell if trust to this exchange had been broken out already or people would just still remain and continue to trust up.

[khaled0111]

Kucoin is the 16th biggest crypto exchange, according to CMC, so this incident is unlikely to be an exist scam. Besides, keeping their customers updated is a good sign.
~$150M is too much money even for them,though, and am not sure if what they have in their insurance fund will be enough to cover it.

Maybe this hack will not cause them to completely shutdown but, surely, it will seriously affect their business and it will take them too long to recover.

[figmentofmyass]

Kucoin is the 16th biggest crypto exchange, according to CMC, so this incident is unlikely to be an exist scam. Besides, keeping their customers updated is a good sign.
~$150M is too much money even for them,though, and am not sure if what they have in their insurance fund will be enough to cover it.

Maybe this hack will not cause them to completely shutdown but, surely, it will seriously affect their business and it will take them too long to recover.

one thing that provides some hope is that the majority of value stolen (by far) was in ERC-20 tokens---many of which are extremely illiquid and can't be liquidated easily through DEXs. and since they are centrally issued tokens, they can be blacklisted and recovered somewhat easily.

for example, ~20% of the entire amount hacked ($36 million) is in the "alchemy" ACOIN token. kucoin is listed on CMC as the only market for this token! there are $150 million in ERC-20 tokens just sitting in the hack address: https://etherscan.io/address/0xeb31973e0febf3e3d7058234a5ebbae1ab4b8c23

a lot of that can be recovered IMO. heck, $20 million of the value in that ETH address was already frozen by tether, with another $13 million being frozen on EOS.

so hopefully between their insurance fund and token issuers blacklisting/freezing funds, this is something kucoin can recover from. we'll see!

[Darker45]

Live stream from the CEO ended an hour ago: https://www.youtube.com/watch?v=nRzL0kdUnME

TL;DR hot wallets were hacked, cold wallets secure, the amounts in question are limited but they haven't officially published the amount stolen. The CEO Johnny Lyu says, "the affected amount in this accident is a small amount for Kucoin. We are going to take the loss."

Their last official update suggests the same thing: "Please rest assured that if any user fund is affected by this incident, it will be covered completely by KuCoin and our insurance fund."

https://www.kucoin.com/news/en-kucoin-security-incident-update

Deposits and withdrawals are still suspended. "We are going to gradually open withdrawals in the next week."

The good thing is that people money is safe in this incident as the exchange has their insurance fund, from which they will pay the loss of the customers. I remember last time when binance exchange was hacked, they also did not let their customer experience the loss, because they maintain an insurance fund for this kind of unforeseen incidents.

That's damage control 101. You need to assure the users that they are in good hands, that their funds are safe, and everything's pretty much under control. You need to pacify them. You don't want another problem to explode in the middle of a huge problem. But don't take it literally or as a guarantee. Nobody would say, "we got hacked big time, we're afraid this might bankrupt us."

Having said this, we still don't know how much was really compromised, whether their insurance could contain the losses or not, whether or not they could reopen withdrawals or trading in the week that follows, and so on.

I guess KuCoin is still assessing the damage done both in financial and security terms. My hunch is that it will take some time, probably more than a week.

[bL4nkcode]

~$150M is too much money even for them,though, and am not sure if what they have in their insurance fund will be enough to cover it.

Fortunately, they just announced that anyone who has an account in kucoin that was affected by the hacked is covered completely by their insurance fund. Just don't know if the total hacked funds were covered enough as well.

[sheenshane]

~$150M is too much money even for them,though, and am not sure if what they have in their insurance fund will be enough to cover it.

Fortunately, they just announced that anyone who has an account in kucoin that was affected by the hacked is covered completely by their insurance fund. Just don't know if the total hacked funds were covered enough as well.

As the KuCoin Global CEO Johnny Lyu said on his livestream said that.

Q4: What’s the percentage of the assets being affected?

Johnny: The funds affected contain a small part of our total assets holdings.

It's quite big on us but for them, he said that it is small part and I don't see if there is an exit scam for this hack incident. Besides, they are willing to pay thousands of bucks ($100,000) to point out who is the hacker that can trace and provide valid information to them.

Until now that case was still under investigations and the withdrawal and deposit function was disabled and Kucoin CEO said it's approximately take 1 week before the operation will back again.

[onecall123]

~$150M is too much money even for them,though, and am not sure if what they have in their insurance fund will be enough to cover it.

Fortunately, they just announced that anyone who has an account in kucoin that was affected by the hacked is covered completely by their insurance fund. Just don't know if the total hacked funds were covered enough as well.

Following the news the clients can take some breath. Therefore, The incident definitely bother me as the hacked amount is huge though. I'm not so much scared of losing since have no holding assets on Kucoin. Anyway, It's again remind us we wouldn't keep our cryptocurrencies on a exchange unless we're looking to sell it.

[exstasie]

Good news, several companies behind affected ICO tokens are swapping out the hacked tokens. This KAI token swap will save over $10 million in value: https://twitter.com/lyu_johnny/status/1310194718530134022

The planned VIDT token swap will save almost $7 million too. There are a handful of other swaps planned but I'm not sure how much value they represent. The ones that aren't Ethereum tokens aren't easy to research for me.

But even if we ignore those, that's still ~$53 million (or ~27.5%) of the total losses that have already been saved, when you include the frozen USDT.

[exstasie]

Sounds like this was an inside job. According to a tweet from the CEO:

After a thorough investigation, we have found the suspects of the 9.26 #KuCoin Security Incident with substantial proof at hand. Law enforcement officials and police are officially involved to take action.

https://twitter.com/lyu_johnny/status/1312359615091277824

I assume they could only ascertain that sort of proof internally if the thief were a Kucoin employee. That's a very positive development since it means the thief will probably cooperate with the investigation.

They've reopened deposits and withdrawals for 3-4 dozen coins and tokens so far. They say withdrawals will be reopened for major coins like BTC, ETH, and USDT shortly. I won't celebrate until my BTC and USDC are safely out of the exchange, but it looks like Kucoin will recover from this.

[Findingnemo]

Sounds like this was an inside job. According to a tweet from the CEO:

After a thorough investigation, we have found the suspects of the 9.26 #KuCoin Security Incident with substantial proof at hand. Law enforcement officials and police are officially involved to take action.

https://twitter.com/lyu_johnny/status/1312359615091277824

I assume they could only ascertain that sort of proof internally if the thief were a Kucoin employee. That's a very positive development since it means the thief will probably cooperate with the investigation.

They've reopened deposits and withdrawals for 3-4 dozen coins and tokens so far. They say withdrawals will be reopened for major coins like BTC, ETH, and USDT shortly. I won't celebrate until my BTC and USDC are safely out of the exchange, but it looks like Kucoin will recover from this.

Somewhere on bitcointalk I saw the same tweet and where they discuss that Kucoin didn't really identified who wast the culprit but they found the address used and made them into public so all other exchange can blacklist the address so the hacker may not be able to cashout the funds.

Hope people's funds are same as Kucoin promised.

[exstasie]

Sounds like this was an inside job. According to a tweet from the CEO:

After a thorough investigation, we have found the suspects of the 9.26 #KuCoin Security Incident with substantial proof at hand. Law enforcement officials and police are officially involved to take action.

https://twitter.com/lyu_johnny/status/1312359615091277824

I assume they could only ascertain that sort of proof internally if the thief were a Kucoin employee. That's a very positive development since it means the thief will probably cooperate with the investigation.

They've reopened deposits and withdrawals for 3-4 dozen coins and tokens so far. They say withdrawals will be reopened for major coins like BTC, ETH, and USDT shortly. I won't celebrate until my BTC and USDC are safely out of the exchange, but it looks like Kucoin will recover from this.

Somewhere on bitcointalk I saw the same tweet and where they discuss that Kucoin didn't really identified who wast the culprit but they found the address used and made them into public so all other exchange can blacklist the address so the hacker may not be able to cashout the funds.

They published those addresses the day of the hack. The announcement that they found proof identifying the the culprit came a week later. These are two different things.

Either way, I just want them to open deposits and withdrawals for all coins and tokens, so I can get my money off. I kept a trading stash there. Nothing I couldn't afford to lose, but it'd still be a big relief to get it back.

[exstasie]

Good news: Kucoin brought deposits and withdrawals back online for all the major cryptocurrencies. BTC, ETH, USDT, etc. https://www.coindesk.com/kucoin-restarts-deposits-withdrawals-for-bitcoin-ether-following-281m-hack

I've got my money off now. It was nothing I couldn't afford to lose, but it sure feels good to get my coins back.

All in all, ~$281 million was stolen, ~$204 million was recovered (tokens frozen and reissued, etc.) and $7.5 million in tokens were liquidated through DEX platforms. The amount of the losses are now down to the size of the Binance hack last year. Hopefully they can keep chipping away at it because I honestly don't know how big their "insurance fund" really is, if it exists at all.

[suchmoon]

Anyone else finding this token reissue "solution" deeply troubling? I understand the sentiment but it really opens a massive Pandora's box. Centralized exchange loses $300 million because they gave some crook access to their wallet... no big deal, we'll just tweak the blockchain the database. Perfect cover for a less-scrupulous exchange to steal from a large customer.

Also keeping that amount of funds in the supposed "hot" wallet doesn't make any sense but then again, it never does when those centralized exchanges get "hacked".

[figmentofmyass]

Anyone else finding this token reissue "solution" deeply troubling? I understand the sentiment but it really opens a massive Pandora's box. Centralized exchange loses $300 million because they gave some crook access to their wallet... no big deal, we'll just tweak the blockchain the database. Perfect cover for a less-scrupulous exchange to steal from a large customer.

tbh, it's only troubling insofar as ICO tokens were centrally issued and not censorship resistant to begin with. a lot of tether and ICO token haters have been pointing that out for years---that centrally issued tokens can't possibly have the same security guarantees as decentralized coins like bitcoin.

in a way, it could be argued this is a feature and not just a bug. you can't have the expectation of censorship resistance of course, but hacks and thefts can be rolled back with ease. maybe this is a legitimate trade-off, as long as we all understand the limitations of highly centralized projects. tokens =/= cryptocurrencies etc.

Also keeping that amount of funds in the supposed "hot" wallet doesn't make any sense but then again, it never does when those centralized exchanges get "hacked".

that was the insane part to me. over $150 million in ERC-20 tokens alone. who the hell is withdrawing $40 million in ACOIN tokens on a daily basis? nobody, since kucoin is literally the only market for it, according to CMC anyway. madness!

the other hot wallet losses (BTC, ETH, LTC, etc) were in the range of what you'd expect, more or less. i dunno what they were thinking with their token storage. they were obviously too dependent on their internal risk controls (re withdrawal approval) and not planning for the possibility of getting their actual keys leaked.