Main Page > Blog >


AMLT Crypto Alert of the Week - Maplechange Hack

Nov 08, 2018

About Us

Recognized as a global leader in RegTech for blockchain, Coinfirm serves as a foundation for the safe adoption and use of blockchain. The Coinfirm AML/CTF Platform uses proprietary algorithms and big data analysis to provide structured, actionable data that solves compliance and transaction risk issues in blockchain and cryptocurrencies. The blockchain agnostic platform is currently used by anyone ranging from major financial institutions to exchanges. In addition, Coinfirm develops dedicated blockchain solutions such as the data provenance platform Trudatum that was recently integrated by the largest bank in CE.

Follow Us


Welcome to week 13 of the Crypto Alert of the Week series by AMLT, a series dedicated to documenting interesting or high profile frauds/hacks etc that recently happened and have been reported into the AMLT Network and show how the AMLT Network can help track and prevent it in the future.

Sometimes the line between what’s legitimate and what’s fraudulent is very thin. This is very much the case around the situation that a small Canadian cryptocurrency exchange Maplechange has found itself in.

On October 28th, the exchange tweeted about a hack that they sustained informing that the hackers were able to withdraw funds. In order to prevent further losses, the remaining funds were frozen and withdrawals disabled.

What’s curious about this case is that in addition to the aforementioned countermeasures, Maplechange has shut down all of its social media accounts as well as its own site. That’s when the first accusations of this whole happening being an exit scam started to come in. Various entities have reported, that the damage done by the “hack” is estimated at above 900BTC (more than half a million dollars) – later denied by the exchange, claiming that their hot wallet had only ~8 BTC and ~100 LTC that were withdrawn.

Thanks to Twitter, AMLT has been able to get a hold of a couple addresses related to the exchange. An analysis of their transfer history has shown, that the funds got scattered across multiple popular exchanges (including Bittrex and Binance). That itself is not a conclusive proof of any scam or hack, but the exchange was refusing to open withdrawals or refund the stolen cryptos. Their statement, explaining the bug that supposedly allowed the hack to happen says that the exploit was a result of Maplechange rewriting and upgrading their framework, while also omitting the lines that were double-checking the balances. An error like that is either incompetence or a premeditated action

With that in mind, AMLT has decided to mark this case and Maplechange connected addresses as high risk since they failed to provide conclusive proof of the hack, resorting to short and lacklustre statements. Moreover, the disappearance of all their contact options makes it that much more suspicious.

Whenever an attack like this occurs, anyone can report it through AMLT panel or widget at The submitted data is then analyzed and processed by our team and implemented into the Coinfirm AML Platform. Flagging actions like these helps us fight any malicious actors in the crypto space, as seen below on the Coinfirm AML Risk Report created for the Maplechange hot wallet address:

If you're interested in partnering with Coinfirm or becoming an AMLT Network Member then contact us!

Thank you for your continued support and make sure to follow all of our latest updates on Twitter, Facebook, LinkedIn and Telegram Community.

The AMLT Team