banner
Attacks on exchanges, KuCoin and TrustSwap hit
Attacks on exchanges, KuCoin and TrustSwap hit
Security

Attacks on exchanges, KuCoin and TrustSwap hit

By Alfredo de Candia - 28 Sep 2020

Chevron down

Over the weekend, attacks were carried out both on a centralized exchange (CEX), KuCoin, and on a decentralized exchange (DEX), TrustSwap.

Or rather, in the latter case, it was not a real attack, but criminals used the platform to execute their exit scam.

Attacks exchanges: KuCoin loses $200 million

The attack on KuCoin involved a million dollar theft, slightly under $200 million, mostly in ETH and ERC-20 tokens, but also:

  • 1008 bitcoin (BTC), worth over $10 million;
  • 26 thousand Litecoin (LTC), worth over $1 million;
  • 18 million Ripple (XRP), worth $4.5 million;
  • 14 thousand Bitcoin SV (BSV), worth over $2 million;
  • 9.5 million Stellar (XLM), worth about $700 thousand;
  • 228 million Tron (TRX), worth over $6 million;
  • USDT on EOS and OMNI for a value of about 14 million dollars.

These are impressive figures and show how many addresses of different blockchains have been attacked, suggesting that this attack has been prepared long ago and in detail, so not exploiting some last-minute mistake.

The funds have been partially frozen by several players in the sector. Bitfinex has frozen 13 million USDT on EOS, while Tether has frozen 20 million USDT on Ethereum, as explained by the CTO of Bitfinex, Paolo Ardoino.

So at least 16% of the funds have been blocked.

The good news is that KuCoin has an insurance fund that will cover users’ losses, so they will be able to reuse the platform within a week, as it is currently on hold to prevent criminals from continuing the attack.

The attack on the TrustSwap DEX

Turning instead to the sad episode involving the TrustSwap DEX yesterday, the problem was very serious because the HatchDAO team used the TrustSwap system in which the tokens of the HatchDAO team were blocked.

The announcement was made by the TrustSwap team itself.

But it wasn’t until the weekend that the retraction came, so the TrustSwap team did the right thing, but not HatchDAO which turned out to be a scam.

In this case, because we are talking about a decentralized exchange (DEX), in practice the criminals used the platform to create a pool with tokens, and they made the pool grow, until they withdrew the liquidity by taking all the tokens and leaving a virtually unusable pool.

As a result, the growth in this area of DeFi is starting to pull in criminals who very often duplicate famous protocols and then perform an exit scam.

In fact, one must always be alert to problems and keep in mind the negative aspects that liquidity pools have.

 

Alfredo de Candia
Alfredo de Candia

Android developer for over 8 years with a dozen of developed apps, Alfredo at age 21 has climbed Mount Fuji following the saying: "He who climbs Mount Fuji once in his life is a wise man, who climbs him twice is a Crazy". Among his app we find a Japanese database, a spam and virus database, the most complete database on Anime and Manga series birthdays and a shitcoin database. Sunday Miner, Alfredo has a passion for crypto and is a fan of EOS.

We use cookies to make sure you can have the best experience on our site. If you continue to use this site we will assume that you are happy with it.