Cryptocurrency exchange KuCoin has come to the fore again after new claims by blockchain researcher ZachXBT. ZachXBT claimed that some of the deposit addresses used in the $250 thousand cryptocurrency theft, which was reported to be linked to malware called Atomic Stealer on August 18, 2025, were related to KuCoin.
Deposit addresses are at the center of the allegations
In its review shared on Telegram, ZachXBT included a wallet address linked to the theft and five deposit addresses that it claimed were linked to KuCoin. ZachXBT claimed that the purchased intermediary KYC method, which points to accounts verified with other people’s credentials, may have been used in the accounts used in this process. These claims have not been confirmed by the court decision or KuCoin’s official statement.
Mini dictionary: KYC is the customer identification process implemented by financial platforms to verify user identity. AML refers to control and audit obligations to prevent money laundering.
Among the shared documents was a message claimed to belong to KuCoin Customer Services and Support Team. While the message stated that users’ right to apply through legal and regulatory channels was respected, it was warned that false or unlawful statements may be subject to legal claims.
The message attributed to KuCoin included a warning that users’ right to legal recourse was respected, but that false or unlawful statements could lead to legal action.
The debate grew on social media
The issue gained wider coverage after DNBWIZARD from the crypto community shared the screenshot in question on the X platform. DNBWIZARD argued that KuCoin threatened him with legal action. KuCoin did not publicly respond to the allegations and did not confirm the accuracy of the shared message.
KuCoin is known as one of the long-running global platforms among centralized cryptocurrency exchanges. The name of the company also came to the fore with a lawsuit that was concluded in the USA at the beginning of 2025.
The litigation process in the USA was remembered again
The US Department of Justice announced in January 2025 that KuCoin pleaded guilty to charges of operating an unlicensed money transfer business and agreed to pay a penalty of over $297 million. The prosecutor’s office had reported that the exchange did not establish effective AML and KYC checks, which allowed suspicious transactions to pass through the platform.
This process developed following the accusations against KuCoin and two of its founders in March 2024. Authorities claimed that the exchange processed billions of dollars of suspicious and criminal funds between 2017 and 2024.
| Subject | History | Detail |
|---|---|---|
| New theft claim | 18 August 2025 | $250 thousand loss and 5 addresses allegedly linked to KuCoin |
| US compromise | January 2025 | Fines of over $297 million |
| Initial impeachment process | March 2024 | Alleged suspicious fund flows between 2017 and 2024 |
Similar to previous investigations
The new allegations reminded us of other investigations in which previously stolen crypto assets were tracked through KuCoin deposit addresses. Earlier in the year, ZachXBT announced that the fake Ledger Live application stole at least $9.5 million from more than 50 victims. Blockchain analysis noted that assets were linked to more than 150 KuCoin deposit addresses before being transferred to a central mixing service.
ZachXBT previously disclosed that in a theft of at least $9.5 million linked to the fake Ledger Live app, the funds were traced to more than 150 KuCoin deposit addresses.
In a separate investigation, it was reported that stolen assets linked to a person identified as AudiA6 also reached KuCoin-related addresses. ZachXBT pointed out that recovery of assets in such cases often requires the cooperation of law enforcement and cryptocurrency exchanges.
Towards the end of 2025, KuCoin expanded its presence in the regulatory field by obtaining a MiCA license in Austria through its European subsidiary. But regulators in Austria later blocked the unit from accepting new clients, citing concerns about its compliance staff.
