KuCoin says that 84% of cryptocurrency funds stolen during a cyberattack has now been recovered.
On November 11, KuCoin chief executive and co-founder Johnny Lyu said in a Twitter thread that the majority of the impacted assets have been recovered via “judicial recovery, contract upgrades, and on-chain tracking.”
However, Lyu does not intend to reveal further details until the “case is closed,” apparently upon request by law enforcement.
KuCoin’s hack took place on September 26. The Singapore-based cryptocurrency exchange stored a number of assets in hot wallets — Internet-accessible repositories for virtual coins — rather than cold wallets, where cryptocurrency is stored safely away from the web.
After detecting “some large withdrawals,” KuCoin’s team realized the hot wallets were being drained of cryptocurrency including Bitcoin (BTC), Ethereum (ETH), and ERC-20 tokens.
It is estimated that at least $150 million in cryptocurrency was stolen during the incident, but KuCoin has not confirmed the exact amount lost. However, the company says that they have obtained “substantial proof” of who is responsible.
Lyu added that service has resumed for 176 different tokens and all remaining coin withdrawal or trading that is still frozen is due to reopen before November 22.
According to KuCoin’s security incident update page, at the time of writing, this will include Vid (VI), Add.xyz (PLT), DMM: Governance (DMG), Ankr (ANKR), and BABB (BAX).
On Thursday, the cryptocurrency exchange reopened deposit and withdrawals for CargoX (CXO), adbank (ADB), and Perth Mint Gold Token (PMGT).
TechRepublic: Phishing, deepfakes, and ransomware: How coronavirus-related cyberthreats will persist in 2021
“Again, I would like to thank all the individuals and institutions who helped us in this incident, together, we will make a stronger crypto community,” the CEO commented. “Looking forward, KuCoin will continue to safeguard our users and bring more crypto hidden gems to the world as we always did.”