Kucoin hack post-mortem

This weekend, the Kucoin exchange experienced a security breach which compromised their hot wallets. We have been monitoring this situation since the beginning.

What happened?

Beginning at 19:05 UTC time on Friday, September 25th, a hacker began withdrawing large sums of BTC, ETH, and a number of ERC-20 tokens from Kucoin to the following wallet address: https://etherscan.io/address/0xeb31973e0febf3e3d7058234a5ebbae1ab4b8c23.

Based on our forensic analysis of the ethereum blockchain, TEL tokens at the old smart contract address (0x85e076361cc813A908Ff672F9BAd1541474402b2) were withdrawn from Kucoin:

These tokens are valueless. TEL migrated from that smart contract address earlier this year. For more information on our token migration, please review: https://medium.com/@telcoin/smart-contract-update-faq-f6ff612c091f

No actual TEL tokens from the new and active smart contract address (below) were stolen in the hack.

TEL smart contract address: 0x467Bccd9d29f223BcE8043b84E8C8B282827790F

TEL Etherscan: https://etherscan.io/token/0x467Bccd9d29f223BcE8043b84E8C8B282827790F

The Kucoin team issued a statement here: https://www.kucoin.com/news/en-kucoin-security-incident-update

The CEO of Kucoin, Johnny Lyu, also hosted a live stream shortly after the above statement which was recapped here:


We have been in contact with the Kucoin team to assess the situation.

According to Kucoin:

Please rest assured that if any user funds are affected by this incident, they will be covered completely by Kucoin and our insurance fund. And once assured of the safety of each wallet, we will re-open the withdrawal and deposit function. We will be releasing a list later of the affected tokens.

We are waiting for final confirmation from their team regarding TEL, but once again, we have found no evidence that any TEL was stolen from Kucoin. If you have evidence that any amount of TEL has been stolen from Kucoin in the hack, please bring it to our attention immediately via the Telcoin Community Telegram channel.

What if TEL had been stolen from users of Kucoin or another centralized exchange?

Reminder: TEL holders were not affected by this hack, no further action will be taken by Telcoin, and no additional work needs to be done by TEL holders.

Telcoin will always prioritize our users. We will go above and beyond to make sure to protect them from harm.

If, like in the case of Kucoin, the exchange guarantees the insurance and replacement of customer TEL in the event of a hack, and the thief sells TEL prior to any token freezes, Telcoin will let the exchange cover the losses. This essentially means that the exchange will buy TEL on the market and redistribute them to affected users.

Telcoin will never cooperate with an uninsured exchange. If in the future TEL is stolen in a hack of Kucoin or another cooperating exchange, and for some reason insurance is not able to cover it, or for any other reason they are not able to honor their commitment to buy TEL back and reimburse users, we will compensate users ourselves or as a last resort reboot the token to recover the hacked tokens.


Reminder: holding your coins on a centralized exchange means you are taking counterparty risk, i.e. by storing your coins on a centralized exchange you are taking the risk that the centralized custodian of your coins may be hacked and your coins will be stolen.

This hack, and counterparty risk generally, are some of the core reasons why we have been so focused on creating an open, liquid, healthy on-chain marketplace for TEL.

Telcoin is dedicated to creating a platform where users never have to use centralized exchanges to trade and can securely self custody their TEL and overall portfolio of ethereum-based assets at all times.

Send Money Smarter. Exchange Money Smarter. Secure Assets Smarter. Telcoin.