QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
$3 300 000 USD
DECEMBER 2020
RUSSIA
LIVECOIN
DESCRIPTION OF EVENTS
"Livecoin [was] a cryptocurrency exchange registered in the Seychelles." "According to CoinMarketCap, Livecoin is ranked as the 173rd cryptocurrency exchange on the internet, with roughly $16 million in daily transactions. The site has been active since March 2014." "Livecoin Exchange [was] a service for sale and purchase of cryptocurrency for [cryptocurrency] and for fiat money with large variety of trading tools; bots trading and arbitrage is also available and allowed. Our Customers may exchange, buy, sell, play on the rates fluctuations and make profits – same as at conventional exchanges. Except here they are dealing with a new type of money – cryptocurrency, which gives more room for maneuver and higher potential profit." "Livecoin [was] a modern, safe Trading Platform for accessing cryptocurrency exchange markets with very simple interface and low trading fees. Our own API is easy-to-use, supplied with an instructional manual. Our Support Service communicates in Russian, English and Chinese and replies to the Customers’ tickets 7 days a week within working hours (UTC+3)."
"Our team of young, dashing, idea-inspired experts created a new Trading Platform - the Livecoin Exchange, designed to help motivated people to benefit from the great opportunities offered by unique technology of decentralized distributed access to digital assets. In the world of cryptocurrencies there are no distances, boundaries, differences in races and religions, the people are united into a community of free individuals, realizing their potentials at their own free will. We believe, that on the basis of our Exchange this community will find it both convenient and beneficial to pursue their goals, to grow their capitals, to take chances and to win." "CEO: IVONA ZLATOVA"
"There [was] rather limited information available on Livecoin exchange in terms of its ownership, registration, and seat of address. To an extent, this is in keeping with the cryptocurrency philosophy and there aren’t any scam stories around Livecoin. Some potential users of the exchange may have an issue with this lack of information and others be comfortable with it." "The ownership of Livecoin is rumored to be Russian and while, again, it was impossible to find any information to back this up there are hints that there may be something to it in the fact that educational materials and other resources in Russian feature prominently. Rubles are also one of three fiat currencies (the other two are EUR and USD) that fiat deposits can be made in the small selection of e-payment processors fiat deposits are processed by are also those common to the Russian market." "As KYC and verification is not mandatory at this exchange, US-investors may trade here as well. At least the exchange will not prohibit them from trading. However, any US-investors interested in trading here should in any event form their own opinion on any issues arising from their citizenship or residency."
"Several online sources and reviews state[d] that Livecoin was established in 2013 by a holding company called Delta E-Commerce, based in London and with servers in the U.S.A. However, we were not able to find any information to corroborate this and company details are not mentioned anywhere onsite, including in user and privacy agreements or contact details sections of the website." "Livecoin proudly states that they are a modern and secure platform for accessing cryptocurrency exchange markets. They also pride themselves with having a “very simple interface”" "To protect your funds we use a cold storage system. You may also restrict access to your account by using GoogleAuthenticator system and a white list of IP addresses.", the site said when it first appeared as early as June 2, 2017. The site appears to have undergone a significant period of downtime in 2018 before emerging again in 2019.
"Livecoin was hacked over the night of 23-24 [December] 2020. The hackers presumably extorted Livecoin, as they have left the following message on the exchange's landing page:" "Oops! Time is over Livecoin!"
"The Russian exchange said in a web post it has “lost control of all of our servers, [backend] and nodes” and pleaded with clients to cease making deposits, trading or interacting with the exchange. “We were not able to stop our service in time,” the post said." "At the time of the hack, Livecoin announced that it had been the victim of a carefully planned attack, noting that its servers were infiltrated in a technical and advanced manner." A later notice read "We're fighting hard to get back our servers, nodes, and funds. We're working 24/7."
"Hackers appear to have taken control of the Livecoin infrastructure and then proceeded to modify the exchange rates to gigantic and unrealistic values." "RIP @livecoin_net apparently...prices x10 across the board as users scramble to a liquid coin that is still withdrawable. Not many of these last gen exchanges left anymore, for good reason"
"Once the exchange rates were modified, the mysterious attackers began cashing out accounts, generating gigantic profits." "At the time, 106 BTC, 361 ETH, and 236 BCH had been stolen from the exchange." "According to The Block Research, users lost at least $3.3 million worth of funds at the attack time." "In terms of coins and tokens, Livecoin users lost 106 bitcoin (BTC), 380 ether (ETH), 236 bitcoin cash (BCH), 567,000 XRP, 66.8 million DOGE, 56,000 Tether (USDT), and some other ERC-20 tokens, per The Block Research." "As Livecoin asked users to stop all activity, the threat actors began cashing out, reaping profit in the process." "Livecoin claimed to have lost control of its "servers, backend, and nodes," and was unable to stop the attack from occurring."
"But some users called foul. In a forum thread, Livecoin users said that withdrawals had been halted up to 24 hours before the attack. Likewise, it was suspicious that a sophisticated hacker had used the same wallet for two different hacks. The move seemed too unprofessional to many on the forum." "Some have suggested that an exit scam is in play, which is a popular method for cryptocurrency exchange operators to vanish with user funds while claiming external cyberattackers have stolen cryptocurrencies held by a victim organization." "Some frustrated users believed the hack was in fact an exit scam in which Bitcoin’s price was artificially inflated allowing for those in charge to cash out."
"The cryptocurrency exchange said law enforcement had been notified of the security incident." "We apologize for an existing situation and ask you to keep calm, including your conversation with support officers," Livecoin added. "Our service and team bear hard losses as well as our clients. In case of abuse and threats in conversation, the claim can be declined."
"Livecoin announced in a note that it is shutting its business and refunding its clients." "“Our service has been damaged hard in technical and financial way,” the exchange said in the note. “There is no way to continue operative business in these conditions.”" "The company decided to pay what funds remained to its clients. Clients were asked to email verification@livecoin.news in order to verify their identities in order to retrieve what funds they may have had left."
"[O]ne apparent user of the service has posted what is claimed to be an extensive list of documentation and personal information to verify claimant identities, including passport/ID scans, selfies, places of residence, primary device data for logging in to Livecoin, and video footage. On Twitter, the request for this vast array of personal data has prompted speculation around its legitimacy."
"March 17, 2021, is the last day users can request an account payout, the note stated. The exchange warned its customers to be wary of fraudsters claiming to be Livecoin representatives who could try to scam them by demanding payment in exchange for their refund."
"We apologize for an existing situation and ask you to keep calm, including your conversation with support officers. Our service and team bear hard losses as well as our clients. In case of abuse and threats in conversation, the claim can be declined."
"Dear clients, we have done accepting applications for payouts. New applications submitted starting from 18/03 are not accepted. All received applications will be processed." "Please do not send duplicate / multiple letters. By doing this, you move your request to the end of the queue. Requests with balances up to $10000 are paid in full after complete of verification and posting proper messages about getting payment from us. All other clients with higher balances will be notified of the payment procedure after procession of ALL submitted applications."
"Dear clients, we would like to finalize our payments as soon as possible, so we ask you to send documents for verification ASAP. Due to this matter, we ask you to provide documents not later than 5 days since you got our reply to your letter. Please, remember, that requests are to be processed from clients who sent the letter not later than March 17. Everything is simple: you sent a request not later than March 17, you got our reply, you have to send documents not later than 5 days since our reply. Otherwise, if we will be bound to unlimited waiting, we wouldn't be able to process finalize our payments to clients with significant balances."
"Final update. Dear clients, we have almost done payments to clients who hold up to $10000. In the near time (1-2 weeks) we run final payments to clients who hold over $10000. After that, our liabilities will be closed and this website discontinued."
"We also want to notify our clients, that there is a group of people who try to delay/stop our payments. Our accounts in social networks already suspended. Our new domain and hosting are being under permanent attack aimed to stop serving hosting and domain. If this attempts will be successful, we will not be able to finish our payments because of loosing capability to talk with our clients. If this occurred, we advise clients to contact our domain registrator or hosting provider with request of getting contacts of people abusing us and take actions to them on your own choice."
According to the company's site, they used cold storage. The site does not mention any use of multi-signature wallets, and it would appear to be very clear that their cold storage was not effective at preventing the theft of a significant amount of client funds.
There are a range of things which happened in the downfall, including taking over the site and social media, an apparent extortion prior, and numerous theories of exit scams. The full story is still not quite available, and some aspects may be contradictory.
HOW COULD THIS HAVE BEEN PREVENTED?
The fundamental issue is that customers have lost funds, due to funds not being stored properly in air-gapped wallets, and the lack of any multi-signature setup. It is clear that the company also lacked resources or assistance to deal with the situation.
Hack Shuts Down Crypto Exchange Livecoin (May 24)
Livecoin - #1 Cryptocurrency Supplier (May 24)
Livecoin Exchange Announces Closure After December Hack - CoinDesk (Jun 5)
Crypto Exchange Livecoin Begs Users to Stop Trading After Losing Control of Servers - CoinDesk (Jun 5)
Livecoin - #1 Cryptocurrency Supplier (Jun 5)
Livecoin - About us (Jun 5)
Livecoin - A convenient way to buy and sell Bitcoin (Jun 5)
Livecoin Closes Permanently Following Suspicious Hack - BeInCrypto (Jun 5)
@cryptoaml_bot Twitter (Jun 5)
@VEROSFP Twitter (Jun 5)
Livecoin – Reviews, Trading Fees & Cryptos (2021) | Cryptowisser (Jun 5)
Livecoin slams its doors shut after failing to recover from hack, financial loss | ZDNet (Jun 5)
Telegram: Contact @livecoinrus (Jun 5)
Russian crypto-exchange Livecoin hacked after it lost control of its servers | ZDNet (Jun 5)
@ceo_run Twitter (Jun 5)
@thebenp Twitter (Jun 5)
@cryptorangutang Twitter (Jun 5)
Livecoin Exchange Review (Jun 5)
LiveCoin Exchange Review by FXEmpire - YouTube (Jun 5)
Russian crypto exchange Livecoin is shutting down after a claimed attack that caused a $3.3 million loss to users (Jun 5)
Livecoin Facebook Page (Jun 5)
Livecoin.net hacked! : CryptoCurrency (Jun 5)
WARNING: BTC reached 142 000 USD on Livecoin.net BTC/ETH withdrawals halted : CryptoCurrency (Jun 5)
SlowMist Hacked - SlowMist Zone (Jun 26)
