The incident is one of the biggest attacks of 2021 against a centralized exchange.
Liquid Global, one of the top 10 crypto exchanges in Japan in terms of daily traded spot volume, confirmed that hackers managed to transfer more than $ 80 million of digital assets from the platform as part of a security flaw that compromised the exchange’s hot wallets. The exchange has currently suspended all withdrawals and deposits.
Centralized exchanges like Liquid have separate hot wallets and cold wallets. Hot wallets facilitate transactions and are connected to the internet, making them more vulnerable to cyber attacks. Cold wallets are used for long-term storage of assets and are generally safer because they are not exposed to the web.
Although Liquid has not yet revealed the exact amount of funds that were stolen, the exchange shared the hackers ‘ cryptos addresses. The hacker’s Ethereum address contains assets worth about $ 69 million, while his Bitcoin wallet contains about 107.42 BTC, currently valued at just under $ 5 million. The wallets also sent XRP and TRX worth more than $ 10 million to an unknown wallet, bringing the total value of the stolen funds to more than $ 80 million.
However, the exchange revealed that the hackers failed to steal all the funds available on its hot wallets. The remaining funds are being transferred to Liquid’s cold wallets for secure storage, the exchange confirmed.
“We are currently charting the movement of assets and working with other exchanges to freeze and recover the funds “, said Liquid in its latest update.
The incident is one of the biggest attacks on centralized exchanges in 2021. Japanese exchange KuCoin reacted to the security breach by quickly blacklisting the wallets in question.
With the decentralized finance (DeFi) boom in 2020, cyberattacks in the blockchain world have focused on DeFi projects and exchanges. The current attack only demonstrates that projects in the crypto and blockchain space can never be too cautious.
However, this is not the first time that Liquid’s infrastructure has come under attack. In November 2020, the exchange reported that its employees ‘ email accounts and the company’s communications network had been compromised. Although no theft of funds was confirmed at the time, the exchange asked all users to change their passwords and reset their 2FA key.