According to multiple sets of on-chain data, hackers have emptied the hot wallets of cryptocurrency exchange Poloniex, resulting in an estimated loss of $114 million
Blockchain security companies PeckShield and Cyvers detected a possible hack at approximately 10:55 UTC. Twelve minutes later, Poloniex made an announcement stating that the wallet on the exchange had been disabled for maintenance. Justin Sun, a Poloniex investor, later verified the hack in a tweet.
It looks like a number of wallets on several different blockchains have been targeted. Archam data reveals that an Ethereum wallet, currently identified as a “Poloniex hacker,” sent 357 transactions totaling $114 million in tokens from Poloniex. Additionally, a Tron blockchain wallet transferred about $42 million to different wallets.
Founded in 2013, Poloniex is among the oldest cryptocurrency exchanges. Circle purchased it in 2018 and subsequently spun it off to a number of investors, among them Justin Sun, who disclosed having participated in the most recent acquisition in 2019.
According to CoinMarketCap, the exchange has handled $616 million in trading volume in the last 24 hours; however, its public reserves are not accessible for viewing. In contrast, the market leader Binance has $19.3 billion in revenue, while Coinbase (COIN), the only exchange that is publicly traded, has $3 billion.
Hackers frequently target cryptocurrency exchanges. Eight million ether (ETH) were stolen in HTX’s hack two months ago; in April, South Korean exchange Gdac lost $13 million, and in November of last year, Deribit suffered a $28 million loss from a hot-wallet hack.
The Poloniex hacker purchased $20 million worth of tron (TRX), according to on-chain data, driving up the token’s price by more than 25%.
Little more than 175 tokens, valued at $10,000 in total, remained in Poloniex’s wallet, according to blockchain analytics firm Nansen.
“We are currently investigating the Poloniex hack incident,” tweeted the Sun. “Poloniex is in good financial standing and will repay all monies that were lost. Furthermore, we are investigating prospects for cooperation with other exchanges in order to expedite the retrieval of these funds.”
Sun went on to say that the hacker has seven days to accept the exchange’s 5% white hat bounty before contacting law enforcement.