- EXMO has released new details about yesterday’s attack.
- The exchange believes that a hacker accessed its Bitcoin private keys, but has not discovered a precise line of attack.
- Most of the exchange’s funds appear to be safe.
Share this article
EXMO has shared an internal investigation document describing details about a recent hack that targeted its cryptocurrency exchange.
Details of the Attack
On Dec. 21, EXMO lost approximately $10 million to a security breach. EXMO believes the hacker acquired private keys, and the exchange is currently investigating how that may have happened.
Of the $10 million lost, over $6 million was stolen as Bitcoin. That amount is being held in a single wallet. Only six of the 57 cryptocurrencies that EXMO supports were affected by the breach, as the exchange stores wallet details for each on a separate server.
User data was not compromised: EXMO has a separate server infrastructure for individual crypto wallets and other data. However, speaking to Crypto Briefing, the exchange was unable to confirm whether any users lost funds as a result of the hack.
In response to the attack, EXMO has suspended withdrawals and deposits pending further investigation.
Dear EXMO users,
While the investigation is still in progress, we want to assure you that we have taken all the necessary measures for your safety. Funds depositing and withdrawal are still suspended. But don’t worry. It’s just a temporary measure.
— EXMO (@Exmo_Com) December 22, 2020
Improvements on the Way
EXMO has also traced stolen XRP and Ethereum to Poloniex and contacted that exchange. It additionally reached out to CipherTrace, Chainalysis, and Crystal in order to trace and flag addresses connected to stolen funds, which will prevent the attacker from cashing out funds on exchanges.
EXMO COO Sergey Zhdanov stated “the compromised amount is near 6% of the total assets of the company” and that he does not believe it will be an ongoing concern for EXMO. The…