ICOCalendar.Today

  • ICO Directory đź“–
  • ICT Token 🔥
  • Blockchain News đź—ž
    • Ethereum
    • Binance
    • Cryptocurrency
    • Litecoin
    • Monero
    • Ethereum Classic
    • Bitcoin
    • Tezos
    • Tron
    • Cardano
    • EOS
    • Algorand
    • ZCash
    • Dash
    • Chainlink
    • NEO
    • Maker
    • DeFi
  • List a project đź’Ł
  • Submit Press Release 👍
  • ICO Directory đź“–
  • ICT Token 🔥
  • Blockchain News đź—ž
    • Ethereum
    • Binance
    • Cryptocurrency
    • Litecoin
    • Monero
    • Ethereum Classic
    • Bitcoin
    • Tezos
    • Tron
    • Cardano
    • EOS
    • Algorand
    • ZCash
    • Dash
    • Chainlink
    • NEO
    • Maker
    • DeFi
  • List a project đź’Ł
  • Submit Press Release 👍

KuCoin September 2020 Hack: Hacken Research

10/17/2020

Comments

 
https://ift.tt/3k2fDVv

Last week, the hottest topic in the crypto markets was the KuCoin hack. Our team highly values the need for increasing user awareness of such threats, so beyond research into the specifics of the hack itself, we have also included recommendations on how to prevent similar situations in the future.

Background

On September 25, 2020, cryptocurrency exchange KuCoin was hacked. The estimated stolen cryptocurrency amount is more than $275 million in various cryptocurrencies.

On their official website, the KuCoin team explained that the hack was due to a leak of the KuCoin hot wallet private keys.

The following cryptocurrencies were stolen:

  • 1,008 BTC;
  • 14,713 BSV;
  • 26,733 LTC;
  • 9,588,383 XLM, Omni and EOS-based Tether (USDT) worth $14 million
  • $153 million in Ether and ERC20s (11,542 ETH, 122 million VELO tokens (about $75.7 million), $1.2MM SNX, Silent Notary (SNTR), Covesting (COV), Orion Protocol (ORN), KardiaChain (KAI), NOIA Network (NOIA) and Opacity (OPQ)) + dozens of ERC-20 altcoins;
  • Over 18,495,798 XRP. 

The Tether team was able to block all of the stolen USDT, which some consider is a good way to deal with cases of hacked or stolen coins. Thanks to Tether’s blocking, KuCoin has already been able to return funds equivalent to $64 million. However, Tether’s ability to block transactions has been seen by others as antithetical to the core values of cryptocurrencies, since blocking transactions exposes the centralization in the Tether protocol. Bitcoin transactions, on the other hand, cannot be blocked, 

The hacker made withdrawals from the KuCoin hot wallets to the following addresses: 

  • ETH: https://etherscan.io/address/0xeb31973e0febf3e3d7058234a5ebbae1ab4b8c23
  • BTC https://www.blockchain.com/btc/address/1TYyommJW3uhjhcnHhUSuTQFqSBAxBDPV
    https://www.blockchain.com/btc/address/12FACbewf5Fy9nmeaLQtm6Ugo5WS8g2Hay
  • LTC: https://live.blockcypher.com/ltc/address/LQtFoidy5TmLrPP77MZzgMRffqPsmRfMXE/
  • XRP: https://bithomp.com/explorer/r3mZvvHVLPtRWAujzBsAoXqH11jhwQZvzY
  • BSV: https://blockchair.com/bitcoin-sv/address/15mC7zKbLyErSKzGRHpy6gyqS7GyRpWjEi
  • XLM: https://stellarchain.io/address/GBM3PJWNB5VKNOFXCDTTNXPMUNBMYTLAAPYDIIKLHUGMKX7ZGN2FNGFU
  • USDT: https://omniexplorer.info/address/1NRsEQRg5EjmJHbPUX7YADVPcPzCQBkyU7
  • TRX: https://tronscan.org/#/address/TB3j1gUXaLXXq2bstiSMfjQ9R7Yh9DdDgK

As we found out from the transactions, the hacker sold the stolen cryptocurrency from the above addresses on decentralized exchanges like Uniswap and anonymized the stolen cryptocurrencies through mixing services. A key advantage of Uniswap, a decentralized exchange, is that it enables users to retain full custody of their digital assets when exchanging them. However, hackers took advantage of the fact that there is no single point of authority that could block them from using the platform and were able to launder the stolen funds.

The fact that a hacker uses decentralized exchanges negatively affects their reputation but at the same time confirms their reliability. Uniswap is completely decentralized and is a reliable service for exchanging cryptocurrencies. Everyone can exchange cryptocurrency without fear of their transactions being blocked.

How Did the Hack Happen?

  • Malicious actions of employees — Exchange employees could have illegally shared the hot wallets’ private keys.
  • Attack on web infrastructure — An attacker could gain access to the exchange’s hot wallet services. However, we consider such a version unlikely.
  • Social engineering attack — Hackers could obtain access to private keys as a result of a phishing attack by using exploits, viruses, and backdoors on employees who had access to private keys.

According to KuCoin CEO and co-founder Johnny Lyu on Twitter,  the Kucoin team has found suspects, but no more information was given beyond that law enforcement is involved.

Will KuCoin Cover the Losses?

Despite the exchange claiming to reimburse all losses to users, we can see that there are not enough funds on the identified KuCoin wallets to pay off the losses caused by the hack. In addition, the exchange did not have a secure asset fund from which to recover losses. It is possible that these funds are kept in bank accounts of the exchange or in “secret” wallets, but we do not have such information.

Other exchanges do have insurance funds to be used in such events, like the Bittrex Digital Asset Insurance or Coinbase.

Who Is at Risk?

Since the KuCoin hack was due to leaked information about hot wallets, we consider exchanges that store large amounts of funds in hot wallets to be at risk of a similar attack. The following list includes some of the exchanges that rely on hot wallets:

  • Poloniex: https://etherscan.io/address/0xa910f92acdaf488fa6ef02174fb86208ad7722ba;
  • Coinoine: https://etherscan.io/address/0x167a9333bf582556f35bd4d16a7e80e191aa6476;
  • FTX: https://etherscan.io/address/0x2faf487a4414fe77e2327f0bf4ae2a264a776ad2
    https://etherscan.io/address/0xc098b2a3aa256d2140208c3de6543aaef5cd3a94.

How to Avoid Hacks in the Future?

  1. Periodically reinitialize hot wallets. KuCoin’s hot wallet key pairs have not been changed for three years; their first transactions were made on September 17, 2017.
  2. Two-man rule. Use secret sharing schemes. One of the most popular ways is to use Shamir’s Secret Sharing scheme. 
  3. Do not store more than 5% of all deposits in hot wallets. The other 95% must be stored in a cold wallet. 
  4. Store crypto in several hot wallets for each cryptocurrency platform. Each wallet must have its own private key.
  5. Perform regular penetration tests, phishing simulations, and red team exercises.

Perform audits of the cryptocurrency storage system that is included in SOC2 and/or ISO27000 auditing procedures: https://gemini.com/blog/gemini-completes-soc-2-review-a-worlds-first-for-a-cryptocurrency-exchange-and-custodian

CER.live Downgrades KuCoin. 

Because of the security incident, CER.live has now downgraded KuCoin from 6th place to 24th.

About CER.live

CER provides a fundamental analysis of the cryptocurrency exchange market. Through continuous cyber-forensic investigations and in-depth ranking methodology, CER has gained crypto traders’ trust as the only unbiased platform for crypto exchange reliability checks.

CER.live is integrated into one of the largest crypto-related analytical websites, CoinGecko, and is a member of all major crypto transparency alliances, including the Data Transparency and Accountability Alliance, run by CoinMarketCap.

Conclusion

The KuCoin exchange hack showed us that some exchanges have to pay more attention to common security standards. Some respectable exchanges such as U.S.-based Gemini, Coinbase and custody service provider Bitgo have already passed SOC-2 audits. SOC 2 examination on an annual basis demonstrates that an exchange cares about the safeguarding of its clients’ data and deposits.

Regardless of the reason for the hack, we recommend that exchanges adhere to generally accepted rules for storing client funds and perform regular audits. 

With regards to cyber criminals using DEXs to launder stolen funds, while not being able to freezer funds increases user confidence in the truly decentralized nature of these types of platforms, it also means that it’s much easier for malicious hackers to move ill-gotten goods without any problems. This is something that will need to be addressed soon if DEXs are to continue being used in this space.”

The post KuCoin September 2020 Hack: Hacken Research appeared first on CoinMarketCap Blog.

Comments

    Blockchain News

    Leading global blockchain news provider. A blockchain, originally block chain, is a growing list of records, called blocks, that are linked using cryptography.
    BLOCKCHAIN NEWS

    Archives

    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    November 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017

    RSS Feed

​About

  • About us​
  • ICT Token
  • News​​
  • Testimonies
  • Terms of Service​​
  • ​​We on Google News​ 🤑
  • ​We in the media
  • ​Partners

Let's connect!

News Feeds

  • Blockchain News
  • Jobs Board 👨‍🎓
  • Bitcoin News
  • Ethereum News
  • Binance News
  • ​Tron News
  • Cardano News
  • EOS News
  • Tezos News
  • Stock Markets
  • COVID-19 News
  • Crypto News
  • Chainlink News
  • Litecoin News
  • Dash News
  • Monero News
  • ETC News
  • NEO News
  • Maker News
  • DeFi News
  • ZCash News
  • Algorand News
© 2017-2020 ICOCalendar.Today. All Rights Reserved.