Liquid cryptocurrency exchange loses $97 million after hack

Amount lost includes $45 million in Ethereum tokens

Following a hacker raid on its systems, Japanese cryptocurrency exchange Liquid lost $97 million in crypto assets.

In a tweet, the firm said that its hot wallets were compromised, and it is moving assets into cold wallets. "We are currently investigating and will provide regular updates. In the meantime, deposits and withdrawals will be suspended,” the firm said.

It added in a follow-up tweet that it had found four blockchain addresses, in Bitcoin, Ethereum, Tron, and XRP, associated with the hacker.

According to Elliptic's analysis, the thief’s accounts have received just over $97 million in crypto assets. The amount includes $45 million in Ethereum tokens, which the hacker is converting to Ether using decentralized exchanges (DEXs), such as Uniswap and SushiSwap. 

“This enables the hacker to avoid having these assets frozen - as is possible with many Ethereum tokens,” the firm said.

James McQuiggan, security awareness advocate at KnowBe4, told ITPro that criminals continue to target systems and networks where the money is stored. If it is digital, it can be hacked. 

“Unfortunately, with another cryptocurrency exchange successfully attacked for the second time this week, this can only be a sign of things on the horizon for these exchange companies,” he said.

“Users of cryptocurrency want to ensure not to put all of their funds into one type of currency and, for more significant amounts, keep them in an offline or cold wallet to prevent theft via the exchanges. While this might seem like keeping your cash funds in the mattress at home instead of the bank, there are currently no Federal Deposit Insurance agencies to protect against your crypto funds and the exchange organizations."

Antti Tuomi, principal security consultant at F-Secure, told ITPro that from an attacker's point of view, cryptocurrency exchanges are a very appealing target since a successful breach net them a lot of capital from the users. Plus, compared to normal currency and banks, mechanisms for preventing fraud or tracing or stopping crypto transactions are either not in place or not possible to implement at the same level.

“Regardless of the exchange in question, online wallets will always be at a risk; at the same time, switching to true cold wallets that are not connected to the online system other than when authorized by the wallet owner, is very difficult to achieve with an online service without compromising on the "always-online" principle while relying on technology alone. Regardless of the cryptocurrency in question or the exchange or its geographical location, the risk with online systems and always-online wallets will always be present,” Tuomi said.

Featured Resources

The definitive guide to warehouse efficiency

Get your free guide to creating efficiencies in the warehouse

Free download

The total economic impact™ of Datto

Cost savings and business benefits of using Datto Integrated Solutions

Download now

Three-step guide to modern customer experience

Support the critical role CX plays in your business

Free download

Ransomware report

The global state of the channel

Download now

Recommended

Dual citizen sentenced to 11 years for role in North Korean crypto hacking scheme
hacking

Dual citizen sentenced to 11 years for role in North Korean crypto hacking scheme

10 Sep 2021
IoT devices are more vulnerable than ever
Internet of Things (IoT)

IoT devices are more vulnerable than ever

10 Sep 2021
DOJ extradites Ukrainian man who used a botnet to decrypt login credentials
botnets

DOJ extradites Ukrainian man who used a botnet to decrypt login credentials

9 Sep 2021
Hackers use open source tools to steal usernames and passwords
open source

Hackers use open source tools to steal usernames and passwords

8 Sep 2021

Most Popular

What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

8 Sep 2021
Google takes down map showing homes of 111,000 Guntrader customers
data breaches

Google takes down map showing homes of 111,000 Guntrader customers

2 Sep 2021
Intuit plans end-to-end SMB platform after $12 billion Mailchimp acquisition
mergers and acquisitions

Intuit plans end-to-end SMB platform after $12 billion Mailchimp acquisition

14 Sep 2021