We are still investigating the incident, but as of now, the security audit report showed that some amounts of BTC, XRP, ZEC, USDT, ETC and ETH in EXMO’s hot wallets were transferred out of the exchange. We reacted immediately and re-deployed hot wallets. The affected hot wallets comprise near 5% of the total assets. Let us stress that all the assets in the cold wallets are safe.

Most importantly, we want to assure you that if any user fund is affected by this incident, it will be covered completely by EXMO.

The hackers were able to withdraw stolen funds to these addresses:

USDT (ERC20) — 0x4BA6B2fF35055aF5406923406442cD3aB29F50Ce
ETH — 0x4BA6B2fF35055aF5406923406442cD3aB29F50Ce
BTC — 1A4PXZE5j8v7UuapYckq6fSegmY5i8uUyq
BCH — qrfrw5q9gag2vp6jc5nlx0haplm2jlhx9vsvxd9u3e
ZEC — t1StUQiw1YyHT515xDxwxjfhEcw2iGSq2yL
XRP — rwU8rAiE2eyEPz3sikfbHuqCuiAtdXqa2v (tag 2033412069)
ETC — 0x4d9EF6846126Da2867AF503448be0508542C971e

We kindly ask all the services and exchanges to block all the accounts that are connected to these wallets. Currently, we are locating the reason for the incident and will keep this list updated.

We reported the case to the London police this morning and keep in touch with the Cybercrime team there. We also will conduct a thorough security review that will include all parts of our systems and data.

In the meantime, we ask you NOT TO DEPOSIT ANY FUNDS TO THE EXISTING EXMO WALLETS. All the withdrawals are suspended at the moment.

We appreciate your understanding and support,