The attackers managed to remove Bitcoin, Ethereum and other coins. A company spokesperson told topplabs.org which trading platform the stolen funds were sent to.
The cybercriminals withdrew 5% of its total assets from the EXMO exchange, which the company announced in its official blog. The attackers, starting at 05:27 Moscow time, removed part of the reserves of Bitcoin, Ethereum, Ethereum Classic, XRP, ZEC and USDT. The trading platform transferred the remaining assets to cold wallets, the funds are safe.
All withdrawals are currently suspended. The company asked users not to transfer cryptocurrency to the saved EXMO wallets, and stressed that they will reimburse customers for possible damage.
“We assure you that in the event that users have lost funds, EXMO will fully compensate for the damage from its own insurance fund,” said EXMO.
A company spokesman said in a comment to topplabs.org that the attackers had sent part of the funds to the Poloniex exchange and named two wallets they owned. The attackers transferred 866 Ethereum to one of them in batches of 100-200 ETH, the transactions were recorded by the etherscan.io blockchain observer.
EXMO clarified that they contacted the London police – where the exchange is registered – and reported the incident. The marketplace has informed analytical systems to mark the withdrawn cryptocurrency as stolen. Such measures are taken to prevent criminals from cashing stolen assets through other sites.
On December 20, it became known that a hacker made public the database of the manufacturer of hardware wallets for storing Ledger cryptocurrency. It contains over 1 million email addresses, as well as phone numbers of 270 thousand users who have purchased the device.