TL:DR Breakdown
- KuCoin recovers stolen funds from hackers.
- Hackers hit the KuCoin exchange hot wallets last year.
KuCoin exchange CEO. Johnny Lyu had said that the exchange was able to get back only 84 percent of the funds hackers got away with last September when it was hacked. Lyu disclosed this in a letter published on Thursday. The CEO said the exchange managed to get 78 percent of the stolen funds initially and later got another 6 percent from the hacked funds with the help of law enforcement and cooperation with other exchange firms.
In total, KuCoin Exchange tracked back $239.45 million while the hackers escaped with $45.5 million.
How hackers hit KuCoin
Lyu also revealed that the hackers managed to gain possession of several private keys from the KuCoin hot wallet through an Advanced Persistent Threat (APT) attack. The attack enabled the hackers to establish a long term presence on the network to steal sensitive data after damaging internal networks, granting them control of these private keys.
The KuCoin Exchange CEO asserted that the firm would invest more in security. He said they had already upgraded their entire system since the hack and restructured their security team.
Previously, the CEO had also claimed there was evidence of who the hackers were and said the firm has not stopped tracking them.
KuCoin exchange September hack
The exchange was hacked on September 25, 2020, as Bitcoin, ERC-20, and many other tokens on the platform were transferred out of the exchange.
However, the firm said only its hot wallets were hit, and its cold wallets were safe of any breaches. They also assured users that their insurance fund was going to cover any losses users suffered.
The firm did not immediately realize it was it. Users initially complained about withdrawal issues. Afterwards, the firm’s admins also started to experience system issues. They realized the probable hack that had occurred when they announced transactions were only pending instead of completing, and $510m worth of token was moved to another address.
