$90M Looted From Liquid Exchange
Crypto News

$90M Looted From Liquid Exchange

2 years ago

The Japanese cryptocurrency exchange said it was moving its assets into a cold wallet

$90M Looted From Liquid Exchange

Tabla de contenidos

A hacker stole more than $90 million from Japanese cryptocurrency exchange Liquid on Aug. 18. 

In a series of tweets at 6:42 a.m. UTC on Aug. 19, the Liquid Global Official Twitter account detailed six ether wallets and one bitcoin, one XRP, and one tron wallet that had received $90.6 million in looted funds, the majority of it in ether and 68 separate Ethereum ERC-20 tokens.
That is far from the largest hack this month, but it is the worst. Cross-chain protocol Poly Network lost a staggering $612 million in a hack on August 10, but the hacker — dubbed Mr. White Hat — promptly returned the vast majority of the stolen crypto in dribs and drabs over several days (with a little more to come), saying he did it “for fun” and “always” planned to return the funds. Poly Network, for its part, promised no prosecution and offered a $500,000 bug bounty for the hacker, and a position as chief security advisor.
Liquid announced the attack in a brief tweet at 2:05 a.m. UTC.

It read:

“Important Notice: We are sorry to announce that #LiquidGlobal warm wallets were compromised, we are moving assets into the cold wallet. We are currently investigating and will provide regular updates. In the meantime deposits and withdrawals will be suspended.”
As of 9 a.m. UTC, no additional news had been posted on Liquid’s Twitter account or its blog.

Warm wallets are fairly similar to hot wallets in that they are connected to the internet, and thus vulnerable to hackers. 

Exchanges tend to use warm wallets as an intermediate step between hot wallets funded for user withdrawals and cold wallets which are “air-gapped” — fully offline, and thus impervious to Internet-based thieves.

A warm wallet tends to hold a few days worth of funds, and requires human approval of each transaction sending funds back and forth to the hot and cold wallets. That suggests the Liquid hacker breached its warm wallet passwords.

Past Problems

Liquid was hacked in November 2020, but by a different kind of attack. No funds were reported stolen, but Liquid CEO Mike Kayamori said in a blog post that users’ personal information was taken after a hacker got Liquid’s domain hosting provider, GoDaddy, to wrongly transfer control of one of the exchange’s core domains.

“This gave the actor the ability to change DNS records and in turn, take control of a number of internal email accounts,” Kayamori wrote. In due course, the malicious actor was able to partially compromise our infrastructure, and gain access to document storage.”

The attacker made off with data like users’ email, name, address, encrypted passwords and API keys — and possibly some anti-money laundering customer data like images of government-issued ID, selfies and proof of address — leading Kayamori to recommend customers change passwords and two-factor authentication (2FA) credentials, and be on the lookout for phishing attacks.

These are the addresses to which the Aug. 19 hacker sent Liquid’s funds:

BTC $4.8 million


ETH $44.6 million + $24 million in 68 ERC-20 tokens


ETH $1.6 million


ETH $188,212


ETH $158,495


ETH $44,741


ETH $26,463


XRP $13 million


TRX $1.7 million


Stolen funds and cyber hacks are not new stories in the crypto space. In fact, one of the earliest and most infamous crypto heist occured in late 2011 — the hacking of the Mt. Gox Bitcoin exchange. Check out our list of the largest crypto hacks in history and how it had impacted the exchanges.
15 people liked this article