Cryptocurrency exchange Poloniex reported a security breach. Losses from the hack of the exchange amount to about $118 million.
Justin Sun, the founder of the Poloniex exchange, said that the Lazarus Group, a group of hackers from North Korea, is suspected of the hack.
According to Coincu, security experts from X-explore, who are investigating the fraudulent operation, found similarities to an earlier attack on Stake.com.
The hackers' approach in both cases is identical. They used different addresses to process each type of token separately. Using an intermediate address, they exchanged ERC20 and TRC20 tokens on decentralized platforms for ETH and TRX, which they then transferred to a new address.
On November 10, cybersecurity firms PeckShield and Cyvers reported the Poloniex hack, as cryptoassets marked Poloniex 4 were discovered on Etherscan. The damage was initially estimated at $60 million, but it was later revealed that more than $100 million was missing. The hack took place at 10:55 UTC on November 10.
Justin Sun was quick to respond to the incident. The hack was officially confirmed, and the affected wallet was immediately disabled. The exchange's founder publicly announced a reward for the hackers who would help recover the stolen funds.
Justin Sun told the scammers that he would give them 7 days to voluntarily return the funds. If the funds are not returned, law enforcement will be involved in the investigation.
Loading...
The Poloniex hack affected several wallets on different blockchains, especially the Ethereum wallet. The wallet has now been marked as "Poloniex hacker". 357 transactions and the transfer of $114 million were registered. In addition, it was a withdrawal from the wallet with the Tron blockchain of 42 million dollars to various addresses.
It also became known that the hacker had made a big mistake. Having hastily copied and pasted wallet addresses, he accidentally transferred 10.5 million Golem tokens (GLM) worth $2.5 million to a token contract address. In other words, these funds were burned and can never be accessed again.
Read also: Kraken helped return $2.9 million stolen by the fraudster.
