HOLIDAY OFFER: Get the gift of up to $70 of Bitcoin. While supplies last!

Shop now

Enterprise, Thought leadership | 08/23/2021

A Japanese crypto exchange lost millions in a hack: What we can take away from it

Japanese cryptocurrency exchange Liquid was subject to a cyberattack, which incidentally comes at the backdrop of the hacking of Poly Network, a decentralized finance firm.

Japanese cryptocurrency exchange Liquid was subject to a cyberattack, which incidentally comes at the backdrop of the hacking of Poly Network, a decentralized finance firm, within the span of little over a week.

What happened at Liquid

Both these attacks led to the stealing of millions of dollars worth of digital coins and tokens. Liquid put out a tweet, informing that their warm wallets were compromised and of the subsequent movement of assets into their cold wallet. Blockchain analytics companies estimate that the damage could be upwards of $90 million. Liquid has put out a blog post talking about the hack, and they claim that a multi-party computation wallet used by their Singaporean subsidy was targeted by hackers.

Warm wallets

Liquid used the term ‘warm wallets’ instead of hot wallets. Warm wallets are used to manage liquidity between hot and cold wallets. That could mean either a fully automated wallet (hot wallet) where the keys are protected in dedicated secure hardware or a semi-automated wallet where a certain level of human approval is required to move funds. Warm wallets provide better security compared to hot wallets, but they still fall short of being immune to hacking.

“Efficiency of warm wallets as a liquidity management tool is critical in the Japan market to reduce the cost of business. All VASPs in Japan are eager to reduce their Hot wallet exposure,” says Glenn Woo, Head of Sales APAC at Ledger Enterprise Solutions.

Cyber-attacks cause millions in losses

An interesting yet concerning fact to note is that Liquid is one of the world’s top cryptocurrency exchanges in terms of daily trading volumes. And yet, it succumbed to the cyber attack, which has led to the loss of digital assets worth millions and the subsequent operational losses due to suspension of deposits and withdrawals. Stolen digital assets can be easily converted to other cryptocurrencies through decentralized exchanges such as Uniswap. Because of no intermediaries, it is not possible to freeze the assets of the hackers, thus exposing institutional custodians of cryptocurrencies to extreme financial risk in case of a successful cyber attack.

Ledger Enterprise Platform is the perfect solution

MPC alone is not enough. Institutions need to prepare themselves against the risks posed by cyber-attacks. The cases of Liquid and Poly Network are stark reminders of the need to upgrade digital asset custody solutions in order to mitigate the risks associated with the management of crypto assets, especially if the value of the digital assets is in the millions.

Ledger Enterprise provides industry-leading digital asset custody technology for all types of institutions. Ledger Enterprise provides a more secure and efficient alternative to warm wallets while providing better agility in moving crypto assets between hot and cold wallets. Our solution also provides the ability to customize the approval flows and integrate or eliminate automation as required by regulation or internal compliance mechanisms of the company.

Ledger Enterprise is a global technology provider empowering organizations to participate in the digital asset ecosystem securely and at scale. Our Software-as-a-Service delivers treasury management, DeFi, NFT, and Token creation capabilities with secure governance. Visit enterprise.ledger.com if you want to learn more.

Contact us at [email protected] to explore how your organization can mitigate its risks in the best possible way.

Stay in touch

Announcements can be found in our blog. Press contact:
[email protected]

Subscribe to our
newsletter

New coins supported, blog updates and exclusive offers directly in your inbox


Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time using the link included in the newsletter.

Learn more about how we manage your data and your rights.