EXMO has shared an internal investigation document describing details about a recent hack that targeted its cryptocurrency exchange.
Details of the Attack
On Dec. 21, EXMO lost approximately $10 million to a security breach. EXMO believes the hacker acquired private keys, and the exchange is currently investigating how that may have happened.
Of the $10 million lost, over $6 million was stolen as Bitcoin. That amount is being held in a single wallet. Only six of the 57 cryptocurrencies that EXMO supports were affected by the breach, as the exchange stores wallet details for each on a separate server.
User data was not compromised: EXMO has a separate server infrastructure for individual crypto wallets and other data. However, speaking to Crypto Briefing, the exchange was unable to confirm whether any users lost funds as a result of the hack.
In response to the attack, EXMO has suspended withdrawals and deposits pending further investigation.
Dear EXMO users,
While the investigation is still in progress, we want to assure you that we have taken all the necessary measures for your safety. Funds depositing and withdrawal are still suspended. But don’t worry. It’s just a temporary measure.
— EXMO (@Exmo_Com) December 22, 2020
Improvements on the Way
EXMO has also traced stolen XRP and Ethereum to Poloniex and contacted that exchange. It additionally reached out to CipherTrace, Chainalysis, and Crystal in order to trace and flag addresses connected to stolen funds, which will prevent the attacker from cashing out funds on exchanges.
EXMO COO Sergey Zhdanov stated “the compromised amount is near 6% of the total assets of the company” and that he does not believe it will be an ongoing concern for EXMO. The exchange aims to set up new servers and wallets for the affected cryptocurrencies in the next 1 to 2 days and resume deposits.
Moving forward, EXMO intends to set third party custody providers to hot wallets, reduce the amount of crypto stored on hot wallets to 4-7%, and hire an experienced Chief Security Officer and staff.
EXMO is one of many cryptocurrency firms and projects that have recently experienced attacks. Hardware wallet manufacturer Ledger leaked user data this summer, while crypto exchange Kucoin lost $150 million after its keys were stolen. Meanwhile, several DeFi platforms have also faced attacks.
At the time of writing, the author of this article owned BTC.
Update: EXMO plans to resume deposits and withdrawals on Dec. 24.