Hackers of cryptocurrency exchange EXMO recently cashed out of their holdings on another exchange, Poloniex, and made $4 million dollars from selling their stack.
Attackers used Poloniex to cash their holdings
EXMO hackers moved their funds to Poloniex just hours before the British crypto exchange announced an attack on their systems. The exchange also shared the crypto addresses to avoid but hackers swiftly cashed out of their holdings before the addresses could go public.
A Poloniex spokesperson commented on the cashout and said,
“After we received the information from the Exmo team, we quickly identified and froze the two accounts. Unfortunately, all affected assets had been withdrawn hours before we were even contacted by Exmo.”
The hack at EXMO began on Monday when the team noticed suspicious withdrawals from its hot wallets in numerous digital currencies. It included BTC, ETH, XRP, ETC, ESDT, and XEX. The total value of the withdrawals was about $10.5 million, which makes up for 5% of the exchange’s total assets. Of these funds, $4 million were withdrawn via Poloniex, with $2.8 million being in ZEC and another $1 million in XRP.
Is Poloniex to blame?
EXMO executives have indicated a slack in the KYC and AML policies at Poloniex, highlighting that the firm moved its headquarters to Seychelles from the US. A Poloniex spokesperson said that the exchange adheres to strong procedures for monitoring and detecting financial crimes and money laundering. He highlighted that the company uses Jumio’s industry-leading software- Elliptic and EVS for identification, verification, sanctions, OFAC, and transaction tracing. The accounts that withdrew EXMO funds were created more than 4 weeks ago and were fully verified with the software.
EXMO, in the meanwhile, is planning to start deposits and withdrawals on December 25 and 26. The firm announced that all user deposits made after December 21 to the date of updating the addresses of deposit wallets in the accounts, will be credited to the users. As soon as the deposit wallet addresses are updated, they will no longer will be credited to old addresses.