Welcome to week 13 of the Crypto Alert of the Week series, dedicated to documenting interesting or high profile frauds/hacks etc that recently happened and have been reported into the AMLT Network and show how the AMLT Network can help track and prevent it in the future.
Sometimes the line between what’s legitimate and what’s fraudulent is very thin. This is very much the case around the situation that a small Canadian cryptocurrency exchange Maplechange has found itself in.
On October 28th, the exchange tweeted about a hack that they sustained informing that the hackers were able to withdraw funds. In order to prevent further losses, the remaining funds were frozen and withdrawals disabled.
What’s curious about this case is that in addition to the aforementioned countermeasures, Maplechange has shut down all of its social media accounts as well as its own site. That’s when the first accusations of this whole happening being an exit scam started to come in. Various entities have reported, that the damage done by the “hack” is estimated at above 900BTC (more than half a million dollars) – later denied by the exchange, claiming that their hot wallet had only ~8 BTC and ~100 LTC that were withdrawn.
Thanks to Twitter, AMLT has been able to get a hold of a couple of addresses related to the exchange. An analysis of their transfer history has shown, that the funds got scattered across multiple popular exchanges (including Bittrex and Binance). That itself is not conclusive proof of any scam or hack, but the exchange was refusing to open withdrawals or refund the stolen cryptos. Their statement, explaining the bug that supposedly allowed the hack to happen says that the exploit was a result of Maplechange rewriting and upgrading their framework, while also omitting the lines that were double-checking the balances. An error like that is either incompetence or a premeditated action
With that in mind, AMLT has decided to mark this case and Maplechange connected addresses as high risk since they failed to provide conclusive proof of the hack, resorting to short and lackluster statements. Moreover, the disappearance of all their contact options makes it that much more suspicious.
Whenever an attack like this occurs, anyone can report it through the AMLT panel or widget at https://amlt.coinfirm.com/ The submitted data is then analyzed and processed by our team and implemented into the Coinfirm AML Platform. Flagging actions like these help us fight any malicious actors in the crypto space, as seen below on the Coinfirm AML Risk Report created for the Maplechange hot wallet address:
If you’re interested in partnering with Coinfirm or becoming an AMLT Network Member then contact us!
The Coinfirm Team