IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Liquid cryptocurrency exchange loses $97 million after hack

Amount lost includes $45 million in Ethereum tokens

Following a hacker raid on its systems, Japanese cryptocurrency exchange Liquid lost $97 million in crypto assets.

In a tweet, the firm said that its hot wallets were compromised, and it is moving assets into cold wallets. "We are currently investigating and will provide regular updates. In the meantime, deposits and withdrawals will be suspended,” the firm said.

It added in a follow-up tweet that it had found four blockchain addresses, in Bitcoin, Ethereum, Tron, and XRP, associated with the hacker.

According to Elliptic's analysis, the thief’s accounts have received just over $97 million in crypto assets. The amount includes $45 million in Ethereum tokens, which the hacker is converting to Ether using decentralized exchanges (DEXs), such as Uniswap and SushiSwap. 

“This enables the hacker to avoid having these assets frozen - as is possible with many Ethereum tokens,” the firm said.

James McQuiggan, security awareness advocate at KnowBe4, told ITPro that criminals continue to target systems and networks where the money is stored. If it is digital, it can be hacked. 

“Unfortunately, with another cryptocurrency exchange successfully attacked for the second time this week, this can only be a sign of things on the horizon for these exchange companies,” he said.

“Users of cryptocurrency want to ensure not to put all of their funds into one type of currency and, for more significant amounts, keep them in an offline or cold wallet to prevent theft via the exchanges. While this might seem like keeping your cash funds in the mattress at home instead of the bank, there are currently no Federal Deposit Insurance agencies to protect against your crypto funds and the exchange organizations."

Antti Tuomi, principal security consultant at F-Secure, told ITPro that from an attacker's point of view, cryptocurrency exchanges are a very appealing target since a successful breach net them a lot of capital from the users. Plus, compared to normal currency and banks, mechanisms for preventing fraud or tracing or stopping crypto transactions are either not in place or not possible to implement at the same level.

“Regardless of the exchange in question, online wallets will always be at a risk; at the same time, switching to true cold wallets that are not connected to the online system other than when authorized by the wallet owner, is very difficult to achieve with an online service without compromising on the "always-online" principle while relying on technology alone. Regardless of the cryptocurrency in question or the exchange or its geographical location, the risk with online systems and always-online wallets will always be present,” Tuomi said.

Featured Resources

IT best practices for accelerating the journey to carbon neutrality

Considerations and pragmatic solutions for IT executives driving sustainable IT

Free Download

The Total Economic Impact™ of IBM Spectrum Virtualize

Cost savings and business benefits enabled by storage built with IBMSpectrum Virtualize

Free download

Using application migration and modernisation to supercharge business agility and resiliency

Modernisation can propel your digital transformation to the next generation

Free Download

The strategic CFO

Why finance transformation propels business value

Free Download

Recommended

GTA V vulnerability exposes PC users to partial remote code execution attacks
vulnerability

GTA V vulnerability exposes PC users to partial remote code execution attacks

23 Jan 2023
MSI to release securer BIOS settings after critical flaw discovered
vulnerability

MSI to release securer BIOS settings after critical flaw discovered

20 Jan 2023
China-backed hackers take down Amnesty International Canada for three weeks
Security

China-backed hackers take down Amnesty International Canada for three weeks

7 Dec 2022
'CryWiper' trojan disguises as ransomware, says Kaspersky
malware

'CryWiper' trojan disguises as ransomware, says Kaspersky

2 Dec 2022

Most Popular

The big PSTN switch off: What’s happening between now and 2025?
Sponsored

The big PSTN switch off: What’s happening between now and 2025?

13 Mar 2023
Why – and how – IP can be the hero in your digital transformation success story
Sponsored

Why – and how – IP can be the hero in your digital transformation success story

6 Mar 2023
What is GPT-4?
artificial intelligence (AI)

What is GPT-4?

15 Mar 2023