KuCoin Exchange Hack
Summary
On September 25, 2020, the KuCoin cryptocurrency exchange suffered a major security breach in which hackers obtained the private keys to the exchange's hot wallets and stole approximately $281 million in Bitcoin, Ethereum, ERC-20 tokens, and other assets — the largest exchange hack of 2020. KuCoin subsequently recovered approximately 84% of stolen funds through on-chain tracking, project-team token swaps, and law enforcement cooperation, with the remaining 16% covered by the exchange's insurance fund. The hack was attributed to North Korea's Lazarus Group by blockchain analytics firm Chainalysis; separately, in March 2024 the U.S. Department of Justice criminally charged KuCoin and two of its founders for operating an unlicensed money transmitting business and Bank Secrecy Act violations, resulting in a $297.4 million guilty plea settlement in January 2025.
Connected Entities
1 entities · 10 linked investigationsTimeline(10 events)
2020-09-25
Hackers begin draining KuCoin hot wallets at approximately 19:05 UTC after obtaining hot wallet private keys. Approximately $281 million in BTC, ETH, ERC-20 tokens, LTC, BSV, XRP, XLM, TRX, and USDT is stolen.
CoinDesk2020-09-26
KuCoin CEO Johnny Lyu hosts a public livestream disclosing the breach, confirms hot wallet private key leakage, re-deploys hot wallets, and suspends deposits and withdrawals. Exchange pledges full user compensation via insurance fund.
KuCoin Official Announcement2020-09-26
Tether freezes stolen USDT tokens on-chain. Partner exchanges begin blacklisting hacker wallet addresses.
CoinDesk2020-10-03
KuCoin CEO Johnny Lyu announces that suspects have been identified with 'substantial proof' and that law enforcement has been formally engaged.
CoinDesk2020-10-01
Chainalysis publishes analysis documenting how hackers used DeFi protocols (Uniswap, KyberSwap) to launder stolen ERC-20 tokens, and later attributes the attack to North Korea's Lazarus Group based on money laundering behavioral fingerprints.
Chainalysis2020-11-11
KuCoin co-founder announces 84% of stolen assets have been recovered via on-chain tracking, contract upgrades, and judicial recovery. Remaining 16% to be covered by the exchange's insurance fund.
CoinTelegraph2020-11-13
Multiple token project teams publicly object to KuCoin's token swap strategy, stating the burden of remediation was improperly shifted to decentralized communities.
CoinDesk2020-11-22
KuCoin resumes deposit and withdrawal services for all supported tokens, approximately eight weeks after the hack.
CoinDesk2024-03-26
The U.S. Attorney's Office for the Southern District of New York unseals a criminal indictment against KuCoin and co-founders Chun Gan and Ke Tang for operating an unlicensed money transmitting business and Bank Secrecy Act violations. This is a separate matter from the 2020 hack.
DOJ SDNY2025-01-28
KuCoin's operating entity PEKEN GLOBAL LIMITED pleads guilty to unlicensed money transmission and agrees to pay $297.4 million in penalties. KuCoin commits to exiting the U.S. market for at least two years. Co-founders Chun Gan and Ke Tang forfeit $2.7 million each and depart the company.
CoinDeskDecision Log
- hash: 4wQzoRFyuwEpvg1Kuh9nSwVS93QVD4588tordfS9fjsy
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 5/31/2026, 6:59:40 AM
last updated: 5/31/2026, 6:59:43 AM
avoid.net — verified advice for a post-truth world