$20 million USDTs on an address known to belong to the Kucoin hacker have been frozen said Paolo Ardoino, Bitfinex’s COO.
Another $13 million have been frozen on EOS “as part of the hack,” Ardoino said.
The hacker is seen trying to move some USDt but the ethereum blockchain told him “Error in Txn: Reverted.”
There are close to $20 million USDT in the hacker’s address which he can now not move any further, but some $150 million worth of assets were stolen in total.
“According to the latest internal security audit report, part of Bitcoin, ERC-20 and other tokens in KuCoin’s hot wallets were transferred out of the exchange, which contained few parts of our total assets holdings.
The assets in our cold wallets are safe and unharmed, and hot wallets have been re-deployed,” they say.
So their hot wallet has been drained with it unclear how as they say they still are “locating the reason for the incident.”
The address in question however is marked as Fake_Phishing4378 so we can guess this was a sophisticated operation that probably took months of a phishing expedition by fakley pretending to be some official or someone Kucoin employees would want to talk to until finally enough trust is gained to get them to click on a link that may well then trigger some perhaps even zero day exploit.
Kucoin says they will cover all the funds from insurance and re-asses their hot wallet strategy with a report probably to follow to detail what was the exact failure.
As far as tether is concerned the USDt token smart contract has a backdoor key that can be used in these sort of situations to freeze assets with Bitfinex previously hacked itself so hopefully that key which controls some $15 billion is kept somewhere down some Swiss bunker.