Singapore-based cryptocurrency exchange KuCoin has said that its Twitter account was hacked, allowing threat actors to promote a fraudulent giveaway scam, which resulted in the theft of more than $22.6K worth of cryptocurrency.
"The @kucoincom handle was compromised for about 45 mins from 00:00 Apr 24 (UTC+2). A fake activity was posted and unfortunately led to asset losses for several users," the company tweeted on Monday.
"Please note that ONLY KuCoin's Twitter account was compromised in this incident. We acted immediately to retrieve control of the account from official Twitter support after the incident occurred," it added.
However, the company said that it will fully reimburse all verified asset losses caused by the social media breach and the fake activity.
Although the account was hacked for a brief 45-minute period, the crypto exchange has reported that during that time, 22 Bitcoin and Ethereum transactions were sent by its followers.
This unfortunately gave the hackers enough time to steal a total of $22,628.
"Until 02:00 Apr 24 (UTC+2), we have identified 22 transactions including ETH/BTC associated with the fake activity, with a total value of 22,628 USD," KuCoin said.
Moreover, the company mentioned that the KuCoin team will implement additional security measures to fortify the protection of their social media accounts, in addition to Twitter's existing 2FA (two-factor authentication).
"We are also conducting a thorough investigation of the incident with Twitter to prevent similar occurrences in the future," the company stated.
In 2020, over $150 million is estimated to have been emptied in a hack of KuCoin.
KuCoin confirmed the security incident saying that it detected some large withdrawals.
It found that part of Bitcoin, ERC-20 and other tokens in KuCoin's hot wallets were transferred out of the exchange.