The Hacking Process and Its Implications: The Liquid Exchange Incident

In the digital age, cybersecurity incidents have become all too common, affecting not just individual users but large corporations and platforms.

One of the most significant incidents in recent times was the hacking of Liquid Exchange in August 2021, where hackers managed to steal approximately $90 million worth of virtual assets.
This event served as a stark reminder of the vulnerabilities that exist within digital financial systems and the sophisticated methods employed by cybercriminals to exploit them.

The Hacking Incident at Liquid Exchange

On August 19, 2021, Liquid Exchange, a prominent Japanese cryptocurrency platform, fell victim to a cyber-attack that led to the loss of a vast array of digital assets, including Bitcoin (BTC), Ethereum (ETH), Tron (TRX), and Ripple (XRP).

The hackers targeted the exchange's warm wallets, transferring the stolen assets to various addresses they controlled.

Investigation and Tracking

The immediate response from Liquid Exchange was to announce the breach and share the addresses to which the stolen assets were moved, kickstarting an extensive investigation.

Using advanced tracking tools and forensic analysis, Sentinel Protocol's team was able to map out the complex laundering process employed by the hackers.
This process involved converting stolen tokens into Ethereum through swapping wallets and then attempting to obscure the origins of these assets using the privacy mixer service, Tornado Cash.

Key Findings and Further Investigations

The investigation revealed a meticulously planned operation, with the hackers deploying a multi-step process to launder the stolen funds.

The involvement of over 25 wallets in the laundering process underscored the complexity of tracking and recovering illicitly obtained assets.
Furthermore, the analysis identified possible scenarios regarding the hackers' operations post-laundering, including potential errors that could link the laundered funds back to them.

Since the September 2021 issue detailing these events, the crypto community has been on high alert, with ongoing efforts to enhance security measures and tracking capabilities. Additional investigations have shed more light on the tactics used by cybercriminals, emphasizing the need for continuous monitoring and collaboration between exchanges, security teams, and regulatory bodies.

Involved Wallets

A total of 25 wallets on the Ethereum chain were involved in the money laundering process. These were categorized into five main types for easier understanding: hacker's wallets, swapping wallets, storage wallets, exchange wallets, and money laundering wallets.

• Swapping Wallets
   Used by hackers to exchange stolen tokens for ETH, involving various decentralized exchanges (DEXs) like 1inch, Uniswap, and SushiSwap.

• Storage Wallets
    Served as interim wallets where stolen assets were consolidated without further movement.

• Exchange Wallets
    Identified movement of stolen assets to Huobi and Bilaxy exchanges.

• Money Laundering Wallets
    Showed that after swapping to ETH, these assets were sent back to the hacker's main wallet or other wallets for laundering through Tornado Cash.

Implications for the Crypto Community

The Liquid Exchange hacking incident serves as a critical lesson for the cryptocurrency industry.

It highlights the importance of robust security measures, including the secure storage of assets in cold wallets and the need for constant vigilance against phishing and other social engineering attacks.

For individual users, it reinforces the importance of using exchanges that prioritize security and have clear procedures in place for responding to incidents.

Moreover, the incident has spurred further innovation in tracking and security technologies. Advanced tools like Crypto Analysis Transaction Visualization (CATV) and Crypto Asset Monitor Service (CAMS) are now at the forefront of efforts to secure the blockchain ecosystem and ensure the traceability of digital assets.

Moving Forward

As the cryptocurrency market continues to grow, so too does the sophistication of threats against it.

The hacking of Liquid Exchange is a reminder of the perpetual cat-and-mouse game between cybercriminals and security professionals. It underscores the necessity for ongoing investment in security infrastructure, user education, and regulatory frameworks that can adapt to the evolving landscape of digital finance.

The future of cryptocurrency security lies in the hands of the entire community - from exchanges and users to security experts and regulators. Together, through shared knowledge, collaboration, and the deployment of cutting-edge technology, the digital asset ecosystem can become more resilient against the threats it faces.