On December 21, Exmo cryptocurrency exchange suspended withdrawals after stealing 5% of assets from hot wallets.
We detected suspicious withdrawal activity. All withdrawals are temporarily suspended. We’re investigating the issue and taking measures to protect your funds.
If any user fund is affected by this incident, it’ll be covered completely by EXMO.https://t.co/QCtOGRFE65
— EXMO (@Exmo_Com) December 21, 2020
Starting from 2:27 UTC, the security service of the platform has recorded several unauthorized withdrawals from BTC, XRP, ZEC, USDT, ETC, and ETH hot wallets. About 5% of the total assets were stolen.
“We reacted immediately and transferred the remaining funds from the compromised wallets,” said Exmo.
Representatives of the exchange have already written a statement to the London police and sent the details of the transactions to analytical systems, including Ciphertrace. The list of addresses to which the stolen cryptocurrencies were received has also been published:
- BTC – 1A4PXZE5j8v7UuapYckq6fSegmY5i8uUyq
- ETH – 0x4BA6B2fF35055aF5406923406442cD3aB29F50Ce
- ETC – 0x4d9EF6846126Da2867AF503448be0508542C971e
- XRP – rwU8rAiE2eyEPz3sikfbHuqCuiAtdXqa2v
- ZEC – t1StUQiw1YyHT515xDxwxjfhEcw2iGSq2yL
- USDT (ERC20) – 0xa910f92acdaf488fa6ef02174fb86208ad7722ba
The assets in cold storage are safe, Exmo noted.
All withdrawals have now been suspended. Users are asked not to make deposits to saved Exmo wallets.
According to preliminary estimates, Exmo’s damage counts $ 10.5 million.
Hackers have kidnapped:
- 292 BTC (about $ 6.5 million), another 18.5 BTC ($ 415,000) awaiting confirmation in the mempool;
- 867 ETH (about $ 521,900);
- 476,521 XRP (about $ 247,700);
- 20 651 ETC ($ 126 800);
- 50,000 USDT ($ 50,000);
- 39,285 ZEC ($ 2.7 million).
Most of the funds were sent to the Poloniex exchange.