Cyber Incident Victim: Lykke
Date:
Jun 2024
Location:
Switzerland
Summary
A cyberattack targeted the Zug-based cryptocurrency exchange Lykke, resulting in the theft of $22 million. Hackers breached the company's corporate network and deceived a partner firm into transferring cryptocurrency assets to their address under the belief they were acting on legitimate instructions. The exchange remains temporarily closed, preventing customers from accessing their accounts or trading, though the CEO asserts neither the firm's survival nor customer funds are endangered. External specialists are conducting system audits to identify vulnerabilities and prevent recurrence, while efforts to trace and potentially recover the stolen assets are underway. The company plans to compensate users for the disruption and intends to prioritize security and resilience enhancements in future development.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On June 4, 2024, Lykke, a Zug-based cryptocurrency exchange recognized as a pioneer in Switzerland’s Crypto Valley, suffered a cyberattack resulting in the theft of $22 million in digital assets. Attackers infiltrated Lykke’s corporate network and manipulated an unspecified partner firm into authorizing fraudulent cryptocurrency transfers to hacker-controlled addresses. The partner entity, believing it was acting on legitimate instructions from Lykke, processed the transactions despite their atypical nature, failing to trigger internal security alerts. Founder and CEO Richard Olsen publicly confirmed the breach shortly afterward, announcing the immediate closure of the exchange platform. This suspension indefinitely blocked Lykke’s customers from accessing their accounts or conducting trades, mirroring historical incidents like the Mt. Gox collapse where user funds were irrecoverably lost.
Lykke initiated a comprehensive forensic investigation with external cybersecurity specialists to identify network vulnerabilities and prevent recurrence. The company emphasized blockchain transaction traceability as a potential avenue for recovering some or all stolen funds. Olsen assured customers that neither Lykke’s operational viability nor client assets faced jeopardy, though he declined to specify a timeline for restoring services. Compensation for service disruptions was pledged, with Olsen framing the incident as a critical security lesson ahead of planned business expansion. He noted the attack would refocus development priorities on resilience, anticipating customer appreciation for strengthened safeguards. System maintenance and security upgrades continued post-incident, with no public disclosure of technical specifics regarding the network breach or partner firm’s role.