Lykke cryptocurrency exchange was forced to suspend withdrawals following a security breach on June 4, as per a social media announcement on June 10. The exchange assured its users that their funds were secure and would be recovered.
The attack impacted both Lykke UK and Lykke Corp AG, as stated in the announcement. Withdrawals were temporarily halted as a precautionary measure, according to a subsequent post in the same thread.
Established in 2015 and headquartered in Switzerland, Lykke is a centralized cryptocurrency exchange that prides itself on being a “no fee crypto exchange” and traces its origins back to a well-known forex broker.
On June 9, blockchain security researcher SomaXBT claimed to have identified the breach. They accused the team of trying to conceal the security incident, alleging that “@lykke CTX got exploited and lost $19.5 million worth crypto assets but team still trying to hide this fact.” SomaXBT provided a screenshot of a Discord message purportedly from the team, stating that the exchange was undergoing “an unscheduled full system maintenance.”
A Lykke user raised concerns on June 8, reporting that the exchange was experiencing issues and speculating about a possible hack.
In response to the attack, the Lykke team issued a statement on June 10 expressing regret to affected users. They apologized for any inconvenience and worry caused by the incident, assuring users that the exchange had sufficient capital reserves and a diverse portfolio to withstand potential losses and protect client funds.
The team disclosed that they had identified the IP addresses of the attacker for a criminal investigation and had enlisted a cybersecurity team to recover the stolen assets. The estimated loss from the attack exceeded $22 million.
Centralized exchanges have been increasingly targeted by hackers, with another recent incident involving Rain exchange, which was hacked for $14.1 million two weeks prior to April 19. Rain promptly addressed the breach, affirming that customer funds were secure as they had covered the losses from their own reserves.
In a separate incident, Japanese exchange DMM suffered a $305 million loss in Bitcoin due to a private key hack.