On April 24, KuCoin, a cryptocurrency exchange, notified its users that their Twitter account had been compromised for around 45 minutes. The company stated that “fake activity” was posted on the social media account, leading to several user asset losses. However, the losses were minimal, around $22,628 in USDT, and the exchange promised to reimburse victims.
1/ The @kucoincom handle was compromised for about 45 mins from 00:00 Apr 24 (UTC+2). A fake activity was posted and unfortunately led to asset losses for several users. KuCoin will fully reimburse all verified asset losses caused by the social media breach and the fake activity.
— KuCoin (@kucoincom) April 24, 2023
KuCoin confirmed that only its Twitter account had been hacked, and it had managed to regain control over it quickly. The company identified 22 transactions associated with the fake activity, including ETH and BTC. The exchange is currently examining and blocking suspicious addresses to prevent more users from being harmed.
2/ Please note that ONLY KuCoin's Twitter account was compromised in this incident. We acted immediately to retrieve control of the account from official Twitter support after the incident occurred. We want to reassure you that your assets on KuCoin are secure.
— KuCoin (@kucoincom) April 24, 2023
The KuCoin team will implement additional security measures to fortify the protection of its social media accounts. The company is also conducting a thorough investigation of the incident with Twitter to prevent similar occurrences in the future. However, it’s still unclear whether the Twitter takeover was an inside job or not.
The exchange itself was not compromised, so the impact was limited to the social media platform. Despite this, the KuCoin native token (KCS) has lost 11% over the past week as crypto markets pulled back. KCS is currently down 72% from its December 2021 all-time high of $28.83.
KuCoin is one of many cryptocurrency exchanges facing regulatory heat in the United States. Regulators could use the incident to highlight the need for stricter security measures and protocols for the protection of users’ funds and data.
