LCX

LCX Hot Wallet Hack - January 2022

Incident Overview

On January 8th, 2022, LCX, a Liechtenstein-based exchange, experienced a hack in which funds were stolen from one of its hot wallets. The hacker stole $7.94m through unauthorized access to its hot wallets.

Timeline and Detection

The hacker(s) struck January 8, 2022, swiping funds from LCX at 10:23 pm GMT. LCX noticed malicious activities within minutes and prevented further damage by taking immediate action.

Stolen Assets

The hackers rapidly drained LCX's hot wallet, taking various cryptocurrencies including USDC, SAND, LINK, QNT, ENJ, ETH, and MKR.

Response and Recovery

The LCX team provided a rapid response and covered all the losses. LCX specialists completed initial security checks, identified affected assets, and published a detailed incident report. The attacker used Tornado.cash, and according to its update on June 22, 2022, 60% of the stolen funds were frozen: Liechtenstein court ordered Coinbase to freeze 500 ETH and New York Supreme Court ordered Centre Consortium to freeze 1.3m USDC.

Investigation

LCX launched fairly successful investigations with law enforcement in Liechtenstein, Ireland, Spain and USA.

Sources

• https://hacken.io/industry-news-and-insights/lcx-hack-january-2022/

• https://www.trmlabs.com/post/exploit-radar-lcx-hot-wallet-hack

• https://www.lcx.com/hot-wallet-incident-report/

• https://www.lcx.com/lcx-hack-update/

• https://quadrigainitiative.com/casestudy/lcxexchangehotwallethack.php