EXMO cryptocurrency exchange hacked, loses 5% of total assets

British cryptocurrency exchange EXMO has disclosed that unknown attackers withdrew almost 5% of its total assets after compromising its hot wallets.

Hot wallets are Internet-connected and are used by exchanges to temporarily store assets for ongoing transactions and transfers unlike cold wallets (also known as offline or hardware wallets) which have no Internet connection.

The crypto exchange had a 2273 BTC (nearly $52 million) 24-hour trading volume and 27,795 active traders.

All withdrawals temporary suspended

EXMO says that it has temporarily suspended all withdrawals after detecting suspicious and large withdrawals starting with December 21st, at 2:27:02 UTC.

“We are still investigating the incident, but as of now, the security audit report showed that some amounts of BTC, XRP, ZEC, USDT, ETC and ETH in EXMO’s hot wallets were transferred out of the exchange”

“We reacted immediately and re-deployed hot wallets. The affected hot wallets comprise near 5% of the total assets. Let us stress that all the assets in the cold wallets are safe.”

The crypto exchange also added that all losses incurred by users affected in this incident will be covered and refunded completely by EXMO.

EXMO has reported the incident to the London police and is working with their Cybercrime team to investigate the attack.

The exchange will also conduct a “thorough security review” of all systems and data, and it actively working on finding the reason behind this “suspicious withdrawal activity.”

“In the meantime, we ask you NOT TO DEPOSIT ANY FUNDS TO THE EXISTING EXMO WALLETS,” EXMO added. “All the withdrawals are suspended at the moment.”

The hackers behind the attack were able to steal and withdraw nearly 5% of EXMO’s total assets to the following addresses:

  • BTC — 1A4PXZE5j8v7UuapYckq6fSegmY5i8uUyq
  • USDT (ERC20) — 0x4BA6B2fF35055aF5406923406442cD3aB29F50Ce
  • ETH — 0x4BA6B2fF35055aF5406923406442cD3aB29F50Ce
  • BCH — qrfrw5q9gag2vp6jc5nlx0haplm2jlhx9vsvxd9u3e
  • ZEC — t1StUQiw1YyHT515xDxwxjfhEcw2iGSq2yL
  • XRP — rwU8rAiE2eyEPz3sikfbHuqCuiAtdXqa2v (tag 2033412069)
  • ETC — 0x4d9EF6846126Da2867AF503448be0508542C971e

NOTE:: This article is copyright by bleepingcomputer.com and we are using it for educational or Information purpose only

World Best Cyber Security Products & Solutions