Kucoin - REKT


After what was described as an “unplanned movement of funds” on September 26th, Kucoin has reassured their users that all assets stolen in the hack will be returned and that Kucoin is fully insured for this scenario.

Kucoin originally stated that the stolen tokens had a value of at least $150m, however some are estimating the true value to be as high as $280m, as more wallets are linked to the attack.

https://twitter.com/lawmaster Over the last 24 hours, the hacker has been attempting to launder the stolen money via Binance and Uniswap, selling all tokens for ETH.

The first tokens to be sold were OCEAN and SNX, where the large market sales caused the price to decrease dramatically.

OCEAN sales on etherscan
Ocean protocol price impact 7 day chart (Sep-27-2020 06:54:55 AM +UTC)
SNX sales on etherscan
SNX price impact 7 day chart (Sep-27-2020 12:52:25 PM +UTC) The hacker has gone on to sell COMP, LINK, and DIA, and with the token holdings of the wallet in full view, it has caused some uncertainty amongst holders of the ~160 different tokens that remain in the wallet.

Breadcrumbs provides a visualisation of the flow of tokens from Kucoin to the hackers wallet.

From this graphic we can see the attackers funds are flowing through Uniswap and consolidating in the following two addresses.

0x00600423c03ec4b46f9b8a28c66d42bdd1b19c36

0xf519e276958c3ef2dffd9b6b2d87d26859526505

One of the first tokens to be moved out of the hackers address was a relatively small sum of 50,000 USDT, after which Tether moved quickly to freeze the remaining tokens in the wallet; a predictable move that left some wondering why the hacker didn’t exchange this currency first.

Other tokens have taken steps to reduce the damage caused by this hack by forking, freezing or blacklisting the stolen tokens.

Some of the projects that have acted against the hacker with approximate value of tokens stolen.

Although this is positive news for the owners of the stolen funds, it does cast doubt on the true decentralisation of each protocol.

Despite the hacker being able to remove $150m in ERC20 tokens from the exchange, the relatively unadvanced techniques used to launder the funds have caused some to wonder if the hacker was in fact a Kucoin employee. As the funds were removed via access to the hot wallet private key rather than a brute force attack,  this looks to be a possibility.

Amidst claims that the hacker would have been better off using DeFi instruments such as Curve or Balancer to launder their money, Curve has spoken out to state that decentralised protocols are actually less effective for money laundering than their centralised alternatives.

It’s not just Ethereum that has been affected by this hack. 1008 BTC were also stolen.
https://twitter.com/cryptoquant_com/status/1309668583908061185?s=20 The hacker took the opportunity to send a message to the community using BTC.

“Epic Hack Homie - Not your keys not your coins”

The crypto community has been responding to the hacker address.
This is a developing story, and we will be keeping you up to date as it progresses.


share this article

REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.

Donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C

Disclaimer:

REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.