Hackers used Uniswap to launder $150m siphoned from KuCoin

Hackers who breached the KuCoin exchange are using the decentralized exchange Uniswap to convert altcoins into Ethereum.

Kucoins hacker begins laundering his $150,000,000.

He started swapping his $OCEAN for ETH via Uniswap.

He already dragged the price down by around 4% in less than an hour and doesn’t seem to be slowing down.

Due to low liquidity for this token, he is going to crash it hard. pic.twitter.com/gKcsgpUe3a

— Alon Gal (Under the Breach) (@UnderTheBreach) September 27, 2020

Tracking the movement of funds, the user @UnderTheBreach noted that the Ocean Token price had fallen by about 4% in an hour due to the hacker’s actions.

The Block researcher Larry Cermak noted that Uniswap is being used by hackers for the first time to convert stolen funds.

According to Bitfinex’s CTO Paolo Ardoino, laundering funds via a DEX could have “interesting consequences”, casting a shadow over liquidity providers.

This might have interesting repercussions. While we’re staring at laundering while it happens on a transparent DEX, couple of consideratios arise for me:
— will liquidity providers be tainted?
— privacy is key, probably the next DEX should use confidential transactions https://t.co/tmDCSf7yun

— Paolo Ardoino (@paoloardoino) September 27, 2020

Non-custodial, next-generation exchanges will support confidential operations, Ardoino suggested.

On Saturday, September 26, the cryptocurrency exchange KuCoin said that there had been an unauthorized withdrawal from hot wallets. Preliminary estimates put the damage at as much as $150 million.

Shortly after the breach, Bitfinex froze 13 million USDT on the EOS blockchain, and Tether blocked 20 million USDT at one of Ethereum addresses “as a precaution”.

Similar measures were taken by other market participants, as reported on KuCoin’s website. From the latest updates:

• 12FACbewf5Fy9nmeaLQtm6Ugo5WS8g2Hay and 1TYyommJW3uhjhcnHhUSuTQFqSBAxBDPV have been tagged as suspicious Bitcoin addresses;
• Orion Protocol reported the reissuance of ORN tokens;
• The Covesting project froze COV tokens sent to a suspicious address. VIDT Datalink is taking similar measures will take;
• Developers of Silent Notary will reissue SNTR in exchange for the tokens that ended up with the hackers.

KuCoin chief Johnny Lyu wrote that the exchange is preparing to resume deposits and withdrawals.

Per our current estimation, within a week, we will be gradually enabling the deposit and withdrawal service

— lyu_johnny (@lyu_johnny) September 27, 2020

“According to current estimates, within a week we will gradually make deposit and withdrawal capabilities available.”

UPDATE: The hacker began converting on Uniswap the SNX token from the DeFi project Synthetix.

And more https://t.co/1JmW8j0md3

— Larry Cermak (@lawmaster) September 27, 2020

Earlier, hackers broke into the Slovak bitcoin exchange Eterbase. The attackers managed to withdraw Bitcoin, Ethereum, Tron, XRP, Tezos and Algorand from the exchange for a total of more than $5.3 million (at the exchange rate at the time).

Follow ForkLog on Twitter!