Authored by Amer Owaida, Security Writer at ESET
Japanese cryptocurrency exchange platform Liquid has fallen victim to enterprising hackers who compromised its warm wallets and made off with more than US$97 million in various cryptocurrency assets.
“At roughly 7:50 AM SGT on August 19th, Liquid’s Operations and Technology teams detected unauthorised access of some of the crypto wallets managed at Liquid”, reads the company’s incident report.
The company said on Twitter that the attackers compromised its so-called warm wallet, so for the time being it moved its cryptocurrencies and assets into a cold wallet. In the meantime, Liquid suspended all cryptocurrency deposits and withdrawals while it investigates the incident and assesses the impact of the attack. However, users will still have access to fiat withdrawals and deposits, as well as the platform’s other services.
To clarify, hot wallets are cryptocurrency wallets that are connected to the internet and facilitate basic transactions. Warm wallets are very much like hot wallets, except that they rely on locally installed software and have improved security and identity verification controls. Meanwhile, cold wallets are offline, often hardware-based wallets and are by far the safest option. Cryptocurrency owners are generally best off keeping most of their investments in a cold wallet and storing only a small part of their cryptocurrency holdings in a hot wallet for daily transactions.
The culprit or culprits behind the attack haven’t been identified yet; however, according to Liquid’s blog (in Japanese), the attack vector could be traced back to a compromised wallet used by its Singaporean subsidiary QUOINE. In total, the Japanese exchange platform estimates that 69 various cryptocurrency assets were misappropriated and forwarded to other exchanges or DeFi swapping venues.
According to an analysis by blockchain analytics firm Elliptic, the hackers were able to pilfer more than US$97 million in various cryptocurrency assets.
“This includes $45 million in Ethereum tokens, which are currently being converted into Ether using decentralised exchanges (DEXs) such as Uniswap and SushiSwap. This enables the hacker to avoid having these assets frozen – as is possible with many Ethereum tokens,” Elliptic added.
A perennial problem
Cryptocurrency exchange platforms are no strangers to attacks by cybercriminals hoping for a huge payday. This most recent hack comes hot on the heels of another major breach where hackers were able to steal more than US$600 million in cryptocurrency from the Poly Network decentralized finance platform. In an unexpected turn of events, the hackers later returned almost the entire loot.