Key Takeaways
- Japanese cryptocurrency exchange Liquid has reported a security attack on its hot wallets.
- While Liquid did not specify the amount that was stolen, the team shared the hacker’s crypto addresses.
- This is the second incident in which Liquid’s infrastructure has been compromised.
Japanese crypto exchange Liquid has announced that its hot wallets have been hacked.
Liquid Hacker Steals $84 Million
Liquid has been hacked.
The Japanese cryptocurrency exchange Liquid reported a security attack on its hot wallets in an Aug. 19 tweet. Liquid has been operating as a centralized exchange since 2014.
Important Notice:
We are sorry to announce that #LiquidGlobal warm wallets were compromised, we are moving assets into the cold wallet.
We are currently investigating and will provide regular updates. In the meantime deposits and withdrawals will be suspended.
— Liquid Global Official (@Liquid_Global) August 19, 2021
While it did not say how much funds were stolen, it shared crypto the hacker’s addresses. As per the transactions made by the addresses used by the hacker, the stolen assets are worth over $84 million.
The hacker’s Ethereum address contains about $69 million worth of ETH and other ERC-20 tokens, while the Bitcoin wallet holds 107.42 BTC valued at about $4.8 million. A further $10 million worth of XRP and TRX has been sent out from the wallet addresses originally shared by Liquid.
At the same time, it appears that the hacker was unable to transfer all of the assets from the exchange’s hot wallets. The unhacked portion of the funds is now being transferred to its cold wallets, the exchange said.
Most centralized crypto exchanges maintain two types of wallets: hot and cold. Hot wallets are connected to the web for allowing quick deposits and withdrawals and can be prone to hacks. In comparison, cold wallets are not exposed to the web and offer much stronger security against attacks.
The incident is one of the biggest centralized exchange hacks of 2021. Since the so-called “DeFi summer” of 2020, crypto attacks have largely involved decentralized exchanges and yield farms. Earlier this month, an attacker stole a record $611 million in crypto through an exploit in Poly Network, before returning almost all of the funds.
This is the second time Liquid’s infrastructure was compromised. On Nov. 13 last year, the exchange confirmed a hacker had gained access to its employees’ email accounts and compromised the company’s network.
At the time, the exchange asked users to change their passwords and reset 2FA Keys. Liquid is yet to clarify whether the prior incident was connected in any way to today’s hack. The exchange said it was still investigating the security incident and will provide regular updates.
Many other large Japanese exchanges have suffered attacks over the years. Notable hacks include the infamous Mt. Gox attack of 2014 when 850,000 Bitcoin worth $450 million at the time were stolen. Coincheck was also hit by another notable incident in 2018; the attackers made off with $500 million.
