By Stephen Graves and Liam J. Kelly
2 min read
Poloniex, a crypto exchange owned by Tron founder Justin Sun, has seen more than $126 million worth of crypto assets exit one of its wallets as the result of a "hack incident."
The transfers were first flagged by blockchain security firm Peckshield; blockchain explorer Etherscan shows a series of transfers from the "Poloniex 4" wallet to the hacker's wallet, including ETH, TRON, the stablecoins USDT and TUSD, and meme coins including PEPE, FLOKI, and SHIB.
It's not just on the Ethereum blockchain either. Additional blockchain data collated by Arkham Intelligence shows that over 288 million in Tron's native token TRX and 865 Bitcoin were also pilfered, bringing the total to over $126 million.
Looking closer at the hacker's activity, after assets are sent to one of the attacker's wallets, it's then sent to a second before assets are swapped for primarily USDC using MetaMask's swapping feature.
In one instance, however, the hacker appears to have fat-fingered at least one transaction, sending $2.5 million in stolen Golem tokens (GLM) to the token contract rather than the secondary addresses in their control. It will be impossible for them to recover this sum.
A tweet from Poloniex's customer support account initially stated its "wallet has been disabled for maintenance. We will update this thread once the wallet has been re-enabled."
Following the incident, Sun tweeted that the exchange was "currently investigating the Poloniex hack incident," adding that the exchange "maintains a healthy financial position" and would reimburse the affected funds. Sun stated that the exchange was collaborating with other exchanges to "facilitate the recovery" of the appropriated funds.
Speaking to Decrypt, security researcher Officer's Notes suggested that the hack could be attributed to compromised private keys, malware, or social engineering.
Edited by Liam Kelly.
Editor's note: This article was updated to include additional details about how much was stolen from Poloniex.
Decrypt-a-cookie
This website or its third-party tools use cookies. Cookie policy By clicking the accept button, you agree to the use of cookies.