Poloniex, the Justin Sun-linked cryptocurrency exchange, had its hot wallets drained of over $100 million.
Onchain data shows token transfers worth $114 million from an Ethereum wallet on Poloniex in 357 separate transactions.
Another Tron wallet transferred $42 million worth of tokens. The action moved the TRX token price sharply upwards.
The hack involved asset transfer to the hacker’s wallets and on-chain stablecoin swapping.
Information from Certik, a leading blockchain security company, indicated the theft of wallet private keys as the likely cause of the incident.
In an announcement, the cryptocurrency exchange iterated that it has healthy reserves and promised to reimburse affected users. The statement also revealed the freezing of some stolen funds and a further promise to reinstate regular activities alongside wallet operations suspension for “maintenance.”
On his part, Sun, a prominent investor in Poloniex, confirmed the incident and offered a 5% white hat bounty to the hacker. He also gave the hacker a seven-day ultimatum before cooperating with law enforcement.
HTX (formerly Huobi), another Sun-linked cryptocurrency exchange, lost 5,000 ETH in a similar incident last month.
According to data from Nansen, a blockchain analytics firm, Poloniex has 175 tokens worth $10,000.
In response to the event, the crypto community rallied support for Polionex.
Sun. Binance and its CEO Changpeng “CZ” Zhao, offered to help track and retrieve the stolen funds. Zhao also reiterated the need for cooperation among cryptocurrency firms during crisis periods.
X-explore, a crypto research firm, linked the hack to North Korea’s Lazarus Group, citing similar behavior from previous attacks.
Tristan D’Agosta founded Polionex in 2014. Circle, the stablecoin issuer in 2018, acquired the crypto exchange.
Circle sold Polionex to a consortium of Asian investors, including Justin Sun, the Tron blockchain founder, in 2019.
Cryptocurrency Exchange Hacks are Still an Issue
Security breaches are still commonplace in the industry despite collective and collaborative efforts to tackle the menace.
A report by Certik identified over $699 million worth of losses in Q3, 2023. Private key compromises topped the list of attack methods.
The report also highlighted Exit scams and oracle manipulation as popular methods.
Multichain’s hacking incident was the most damaging (then), with a $125 million loss and shuttering of operations.
The report identified the Lazarus Group as a player in the hacking scene. The North Korean-linked hacking group has been seen as a threat to projects, drawing the ire of the community and governments in the process.
The spate of attacks has hampered confidence in the cryptospace, which is trying to recover lost glories of all-time highs, cementing its status in popular culture.
The latest incident is proof of the lack of systems and processes in place that could prevent such issues before they occur.
However, the innovative nature of the industry will enable the solution of problems on the go, creating a new paradigm in this regard.