This is everywhere in the news, Kucoin was hacked, but this hacking seems to be the work of an amateur. Nevertheless, amateur or not, 150 millions dollars were moved out of the exchange hot wallets on September 26, 2020 at 03:05:37 (UTC+8). What is more interesting is what happened after, as Bitfinex froze USDT on EOS network, and Tether froze $20 million USDT on Ethereum network, funds believed to be linked to the hack.
The official word from Kucoin Exchange was the following:
If any user fund is affected by this incident, it will be covered completely by Kucoin and our insurance fund.
More than 11,480 ether (ETH), worth over $4 million, were received into this address. Other cryptocurrencies such as Ampleforth, Maker, OMG and YFI, all DEFI tokens, evaluated at $146 million were taken, along with some emerging tokens like Chroma, Vid and Ocean. The users observed the funds being withdrawn long before Kucoin staff, and some even alerted them that a big amount of funds are moved from Kucoin to what seems to be and external wallet, all thanks to Whale Alert service.
The USDT frozen is close to 22% of the funds stolen two days ago, and the single point of failure was of human origin ( private passwords to the hot wallet were somehow leaked via social engineering).
Then, some called the hacker amateur because he tried to exchange some of the crypto without using a mixer like any DEFI pool. Funny enough, the hacker seems to follow the discussion, as he start right after to use Uniswap to dump some ERC20 tokens, including Ocean. Selling in batches on 10.000, he managed to dump the price with almost 10%, until Ocean Protocol team froze the token contract.
Other estimates say that 1,008 BTC was stolen, along with 14,713 BSV, 26,733 LTC, 9,588,383 XLM, Omni and EOS based tether (USDT) worth $14 million, $153 million of ether and ERC20s, and over 18 million XRP.
I will continue to follow this event closely and tell you if something interesting will happen. Anyway, never until now the public and other crypto projects were not involved to this degree in order to solve a negative event much quicker, and the public response was awesome, with addresses and wallets and cryptocurrency movements closely followed by many companies and investigators. A swift response can be only beneficial and maybe even detter future attack, if they will know that everything will be frozen quickly after the hack. The only bad actor was Uniswap, letting the hacker to sell tokens for hours. Hopefully they will investigate the issue and act accordingly.
Latest edit: More than 80% of the funds were frozen, especially by the small projects, afraid of a pump and dump effect.
A wonderful night, and a perfect morning for you!
1. CEO Livestream Recap: https://www.kucoin.com/news/en-kucoin-ceo-livestream-recap-latest-updates-about-security-incident
2. Their own report : https://www.kucoin.com/news/en-kucoin-security-incident-update
...try DogeWars game and get Dogecoin fighting bosses and other players.
Check my Lbry.tv channel in here.
Disclaimer: This text also can be re-published on my personal blogs, such as this one.