British cryptocurrency exchange Lykke suffered a major setback with a loss of $22 million in a cyberattack, prompting the abrupt halt of trading operations on June 10. The security breach, which occurred last week, forced the exchange to suspend trading and withdrawals to prevent further damage.
In an official statement, Lykke confirmed the cyberattack and disclosed that they had identified the IP address of the perpetrator, initiating an investigation into the incident. Prior to this announcement, on-chain investigator SomaXBT had already raised concerns about the breach, revealing that hackers made off with 158 BTC and 2,161 ETH totaling $19.5 million. MetaMask developer Taylor Monahan later confirmed that the total stolen assets amounted to $22.4 million.
Further investigation revealed that the hacker laundered the stolen Ether by converting them to DAI, an algorithmic stablecoin, issued by MakerDAO, and transferred the Bitcoins to multiple wallets. This tactic is commonly used by hackers to obfuscate the source of the stolen funds.
The cyberattack on Lykke came on the heels of a warning issued by the UK’s Financial Conduct Authority (FCA) against the exchange for promoting unauthorized financial services. The FCA cautioned UK investors to exercise caution when dealing with Lykke, as the exchange was unregistered, leaving investors without the protection of the Financial Services Compensation Scheme (FSCS) and the ability to file complaints with the Financial Ombudsman Service.
The incident at Lykke is just one in a series of security breaches that have plagued the cryptocurrency industry in recent weeks. Following the DMM Bitcoin hack on May 31, where cybercriminals stole 4,502.9 BTC ($320 million), the industry has been on high alert. Despite efforts by the Japanese exchange to raise funds for compensation, the hack remains one of the largest in the history of crypto exchanges, highlighting the ongoing vulnerabilities within the sector.
The total value of stolen crypto assets in 2024 has already exceeded $600 million, surpassing the figures from the previous year. This alarming trend underscores the urgent need for heightened security measures within the industry to protect investors and prevent further cyberattacks.
