Liquid, a Japanese cryptocurrency exchange platform is the latest to be hit by a hack. The exchange stated that the hacker compromised its warm wallets and made off with more than US$97 million in various cryptocurrency assets.
The company’s incident report states, “At around 7:50 AM SGT on August 19th, Liquid’s Operations and Technology teams identified illegal access to some of the crypto wallets managed at Liquid.”
The company said on Twitter that the attackers had gained access to its “warm wallet,” and that it had relocated its cryptocurrency and assets to a “cold wallet” for the time being.
While Liquid examines the situation and assesses the consequences of the attack, all bitcoin deposits and withdrawals have been suspended.
Users will still be able to make fiat withdrawals and deposits, as well as use the rest of the platform’s features.
To put it another way, hot wallets are cryptocurrency wallets that are connected to the internet and allow for basic transactions.
Warm wallets are similar to hot wallets, with the exception that they use locally installed software and have enhanced security and identity verification procedures.
Meanwhile, cold wallets are the safest alternative because they are offline and typically hardware-based. Owners of bitcoin should maintain the majority of their holdings in a cold wallet and only a small portion of their cryptocurrency holdings in a hot wallet for everyday transactions.
The perpetrator or perpetrators of the attack have yet to be identified; however, the attack vector might be tracked back to a hacked wallet used by Liquid’s Singaporean subsidiary QUOINE, according to the company’s blog (in Japanese).
69 different cryptocurrency assets were misappropriated and transmitted to other exchanges or DeFi trading sites, according to the Japanese exchange platform.
According to Elliptic, a blockchain analytics business, the hackers were able to steal more than US$97 million worth of cryptocurrency holdings.
“This includes $45 million in Ethereum tokens, which are presently being converted into Ether via DEXs like Uniswap and SushiSwap. This allows the hacker to avoid having their assets frozen, as many Ethereum tokens do,” Elliptic explained.
Cybercriminals have previously targeted cryptocurrency trading sites with the aim of making a large profit. This latest attack follows another huge breach in which hackers were able to steal over $600 million in cryptocurrencies from the Poly Network decentralized finance platform. The hackers then returned almost all of the loot in an unexpected turn of events.
