Japanese cryptocurrency exchange Liquid admitted that it is a victim of a crypto heist in which unknown hackers accessed nearly $94million worth digital currency from its digital wallets.This security breach is considered to be the second biggest crypto heist after poly network and also this is Liquid’s second major security incident. In November 2020 ,a  threat actor social-engineered Liquid’s DNS provider and gained control over the exchange’s DNS infrastructure.

Liquid ranks among the top 20 crypto exchanges globally by daily trading volumes, processing more than $141 million of transactions in the last 24 hours, according to CoinMarketCap data.


According to a tweet by liquid,“We are sorry to announce that our warm wallets were compromised, we are moving assets into the cold wallet. We are currently investigating and will provide regular updates. In the meantime deposits and withdrawals will be suspended.”

Liquid did not put a dollar figure on the amount, but blockchain analytics company Elliptic said its analysis estimates the losses at about $94 million.This includes $30.9 million in ether, 12.9 million in XRP, $4.8 million in bitcoin, $7.7 million in stablecoins and $37.4 million in other tokens.

Liquid specified four blockchain addresses – in Bitcoin, Ethereum, Tron and XRP – that are believed to be associated with the hacker.

The following are the hacker’s addresses that the assests had been transferred to:

BTC: 1Fx1bhbCwp5LU2gHxfRNiSHi1QSHwZLf7q

ETH/EWT: 0x5578840aae68682a9779623fa9e8714802b59946

TRX: TSpcue3bDfZNTP1CutrRrDxRPeEvWhuXbp

XRP: rfapBqj7rUkGju7oHTwBwhEyXgwkEM4yby

To avoid detection, the hackers further converted around $45 million stolen Ethereum tokens into Ether using decentralized exchanges like Uniswap and SushiSwap preventing them from having those assets frozen.

Liquid claimed that the hack targeted a multi-party computation (MPC) wallet. “This time, the MPC wallet (used for warehousing / delivery management of cryptographic assets) used by our Singapore subsidiary QUOINE PTE was damaged by hacking.” the company said.

Further the company said in the tweets “We are currently tracing the movement of the assets and working with other exchanges to freeze and recover funds and We will continue to do everything in our power to mitigate the impact from this incident and restore full service as soon as possible.”

–-For more Cyber security write-ups in crisp content . Please follow our site via twitter handle @cyberworkx1

Posted by: Ramya Natarajan ,Currently pursuing M.Sc. Cyber forensics and Information security in University of Madras. I’m a dedicated and hard-working person with lots of interest in Information security field. My hobbies are updating myself in the field of information security, Surfing internet and reading books.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s