Main navigation

JUST IN: KuCoin Hackers Have Sent Two Messages in Vanity Addresses. U.Today Decoded Them

Mon, 09/28/2020 - 12:32
article image
Vladislav Sopov
"Bitcoin Message. Epic Hack Homie. Not Your Keys Not Your Coins." Take one more privacy lesson from KuCoin scammers
JUST IN: KuCoin Hackers Have Sent Two Messages in Vanity Addresses. U.Today Decoded Them
Cover image via
Read U.TODAY on
Google News

The vanity addresses feature in the Bitcoin (BTC) network allows users to customize the public (visible) key of a user's wallet. Several times this opportunity was used by hackers to send humiliating letters to their victims and community. It looks like the recent devastating KuCoin hack was not an exception.

"Bitcoin Message. Epic Hack Homie"

Today, Sept. 28, the team at KuCoin Singapore-based cryptocurrency exchange has updated the official post-mortem on its latest multi-million BTC hack. Three address in the Bitcoin (BTC) network were mentioned there as "suspicious" among Ethereum (ETH), Tether (USDT), XRP, Litecoin (LTC), Stellar (XLM) and other major network wallets.

KuCoin shared suspicious addresses
Image by KuCoin

The activity on the three aforementioned address can be tracked using the Bitcoin (BTC) blockchain explorer. It shows that the first address, 1NRsEQRg5EjmJHbPUX7YADVPcPzCQBkyU7, was involved in some transactions with vanity addresses yesterday, Sept. 27. The owner of these addresses shared some words with us.

KuCoin hackers shared some messages
Image by Blockchair

Should we remove some symbols from the vanity addresses, we can read mocking messages recalling one of the oldest Bitcoiner mottos:

BTC Message. Epic Hack Homie. Not Your Keys Not Your Coins. Send Me 1 BTC.

Another two addresses are also interacting with the "vanity wallets." An analysis of the activity of the addresses 12FACbewf5Fy9nmeaLQtm6Ugo5WS8g2Hay and 1TYyommJW3uhjhcnHhUSuTQFqSBAxBDPV shows a close reader another message from the hackers.

KuCoin hackers recall the importance of Bitcoin (BTC) transaction outputs
Image by Blockchair

Hackers admitted that such an attack is very painful for victims and recommended that people be very cautious about  transaction outputs. They also added numerous threats using adult language.

Should we use Monero?

In July of this year, when the Twitter accounts of celebrities and cryptocurrencies services were massively hacked, malefactors also shared some announcements using vanity addresses. They stressed that Bitcoin transactions can be tracked easily and recommended that crypto enthusiasts use Monero (XMR) instead.

Eagle-eyed Bitcoiners could read their messages as:

Just read transaction outputs. You take a risk when you use Bitcoin for your Twitter game. Bitcoin is traceable. Why not Monero?

It should be noted that the same tactics were used by the KuCoin hackers. Vanity addresses are used along with the target one, but only tiny fractions of Bitcoin (BTC) are actually sent to them.

article image
About the author

Blockchain Analyst & Writer with scientific background. 6+ years in IT-analytics, 3+ years in blockchain.

Worked in independent analysis as well as in start-ups (, Monoreto, Attic Lab etc.)