KuCoin Hacker Prepares To Launder the Looted $150M Via Uniswap

News / 27.09.2020

On 27th September, a twitter account named under the Breach reported that the Kucoin hacker just started laundering his $ 150 million. The tweet said that the hacker started swapping his $OCEAN for Ethereum through Uniswap, pulling the token’s price down by around 4%, in less than an hour.

In response to @Under the Breach, another twitter user named Larry Cermak corrected the information given. Cermak pointed out that the hacker is yet to begin laundering his $ 150 million and is exchanging the coins to ETH so that he could later either swap for privacy coins (XMR) or use Tornado to launder his coins.

Cermak followed up on his earlier tweet by explaining that the hacker had started using Uniswap to swap from shitcoins to ETH. He noted that this is the first time Uniswap was used following a hack. 

Earlier Reports on the $ 150 Million Kucoin Hack

On 26th September 2020, the Singapore-based cryptocurrency exchange, Kucoin, confirmed that it got hacked and $ 150 million stolen. Kucoin pointed out in a statement that it conducted a security audit and noticed large withdrawals of Ethereum and Bitcoin were moved to an anonymous wallet. 

Kucoin, CEO, Johnny Lyu, in a live stream, said that one or many hackers got hold of the private keys to the exchange’s hot wallets. Hot wallets are cryptocurrency management apps connected to the internet, and Kucoin uses them as their temporary storage system.

According to Kucoin, the hacker stole Bitcoin assets ERC-20 based tokens together with other types of tokens. The exchange suffered a loss of more than $ 150 million as a result of the security breach. 

Johnny Lyu has since promised to compensate users who lost their funds during the hack from Kucoin’s insurance fund. The exchange’s security team is currently investigating the incident and has temporarily suspended deposits and withdrawals on the platform. 

Kucoin’s Updated Statement

On Saturday, 26th September 2020, Kucoin released an updated statement revealing a list of additional wallet addresses where the stolen funds were transferred. These wallet addresses include BTC, bitcoin SV (BSV), ETH, LTC, XRP, Stellar Lumens (XLM), Tron (TPX), and Tether (USDT).

As per Kucoin’s updated address, two Kucoin’s ETH wallets sent more than 11 480 ETH, as seen from data in blockchain explorer Etherscan. The Etherscan data also shows that the Ethereum wallet address also received more than 150 ETH-based tokens worth over $ 150 million from the two Kucoin Ethereum wallets. 

The price of KCS, Kucoin’s exchange token, dropped by 14% to $ 0.86 in an hour on 26th September, following the news of the Kucoin hack spreading on social media platforms. Some top cryptocurrency exchanges, including Bitfinex, have since moved to blacklist the wallet addresses. 

According to Johnny Lyu, the company is investigating the incident with the help of international law enforcement. 

After realizing the setbacks of centralization in the financial industry, Carol has dedicated her career to apprise everyone on the benefits of blockchain technology. When she is not writing, she’s probably somewhere in the park reading a book.