A Japanese cryptocurrency exchange is estimated to have lost $97m after threat actors targeted the company.
Tokyo-headquartered Liquid revealed the incident on Thursday evening local time.
“We are sorry to announce that #LiquidGlobal warm wallets were compromised, we are moving assets into the cold wallet,” it said in a brief update. “We are currently investigating and will provide regular updates. In the meantime, deposits and withdrawals will be suspended.”
According to London-based blockchain analysis company Elliptic, the cyber-thieves stole nearly $100m in various currencies, including Ether ($32.5m), XRP ($12.9m), Bitcoin ($4.8m), Tron ($200,000) and Stablecoins ($9.2m).
“This includes $45m in Ethereum tokens, which are currently being converted into Ether using decentralized exchanges (DEXs) such as Uniswap and SushiSwap. This enables the hacker to avoid having these assets frozen — as is possible with many Ethereum tokens,” the firm explained.
“Elliptic has added the addresses associated with the thief to our system, ensuring that our clients will be alerted if they receive any of these funds. Our investigators are also aiding Liquid with tracking the stolen funds.”
With over 800,000 customers, 100+ supported countries, 80 listed digital currencies and a daily trading volume that exceeded $1bn in 2021, Liquid has a large presence in the cryptocurrency market.
However, it’s by no means the first Japanese exchange to be targeted. Mt Gox was undoubtedly the largest, losing around $500m in cyber-attacks back in 2014, forcing it to close.
Other notable victims over the years include Coincheck ($425m), Zaif ($60m), Bitpoint ($32m), and UpBit ($52m).
Some of these attacks may have originated from North Korea. A UN report from 2019 estimated that the Kim Jong-un regime might have amassed as much as $2bn from audacious raids on banks and cryptocurrency exchanges.
The biggest cryptocurrency theft of all time happened only last week when Poly Network lost over $600m to thieves. However, fortunately for the firm, the ‘ethical’ hackers that stole the money had returned most of it within days.