On September 26, cybercriminals attacked KuCoin and managed to withdraw $150 million in cryptocurrencies from it. The exchange promised to reimburse damages from the company's fund.
KuCoin reported a successful hacking attack. In its official post in Twitter, the company announced a large-scale withdrawal of funds that took place on September 26 at 03:05 GMT. According to an internal security audit, bitcoins, ETH and ERC-20 tokens were stolen from KuCoin hot wallets. The amount of damage is estimated at about $150 million. Assets in cold wallets are safe, KuCoin said. Remaining coins in hot wallets were temporarily moved to cold vaults, with hot wallets redeployed.
During a live broadcast on Youtube, KuCoin CEO Johnny Lyu said that the company got in touch with law enforcement and will reimburse customers from its corporative insurance fund. Deposits and withdrawals were temporarily suspended. Leaked private key from hot KuCoin wallets was the reason for successful hacker attack, Lyu revealed.
According to Lyu, KuCoin also reached out to other trading platforms and crypto wallets such as Binance, Huobi, OKEx, Bybit, Upbit, Bibox, Gate, MXC, BitMax, BigONE, BKEX, BitZ, HBTC, Hoo, Crypto.com, Bingbon. Renrenbit, LBank, Max / Maicoin, CoinW, with a request to track the stolen funds and block related accounts.
KuCoin announced a reward of up to $100,000 to those who can provide reliable information about this incident.