Skip to main content
Sign in
KuCoin5 decisions on this page

Audit log

Every state-changing event for KuCoin: moderation decisions on community submissions, plus corrections and updates from the news pipeline. URL-based decisions carry three independent witnesses — the original source, an Internet Archive snapshot taken at submission time, and a Solana memo signed by our publicly-disclosed publisher key.

  1. #1publishby system:backfill
    2026-05-25 17:56:56Z
    Score: ?? (no score change)
    anchoranchored
    chain
    mainnet-betaslot 422,117,234
    sig
    5aesZzEP7WKP…7tfXTyb2explorer ↗
    hash
    5GYqNaxTaYEV…2DBrXFibsha256 → base58
    verifying row…full verify ↗
    canonical bytes (8754 B) ▸
    {"actor":"system:backfill","investigation_id":"0c56d875-ca56-4175-b95f-c50e5fe7e1a2","kind":"publish","page_slug":"kucoin","published_at":"2026-05-25T17:56:56.798Z","sequence_num":1,"snapshot":{"content_type":"investigation","entity_name":"KuCoin","sections":[{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.justice.gov/usao-sdny/pr/prominent-global-cryptocurrency-exchange-kucoin-and-two-its-founders-criminally","type":"other","url":""},{"credibility":3,"name":"https://en.wikipedia.org/wiki/KuCoin","type":"other","url":""},{"credibility":3,"name":"https://protos.com/the-rise-and-fall-of-kucoin/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.chainalysis.com/blog/lazarus-group-kucoin-exchange-hack/","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/markets/2020/09/26/over-280m-drained-in-kucoin-crypto-exchange-hack","type":"other","url":""},{"credibility":3,"name":"https://hacken.io/insights/kucoin-september-2020-hack-hacken-research/","type":"other","url":""},{"credibility":3,"name":"https://cryptopotato.com/kucoin-ceo-reassures-they-recovered-all-285-million-stolen-in-last-years-hack/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.justice.gov/usao-sdny/pr/prominent-global-cryptocurrency-exchange-kucoin-and-two-its-founders-criminally","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/policy/2025/01/28/kucoin-hit-with-nearly-usd300-million-fine-after-pleading-guilty-to-u-s-doj-charges","type":"other","url":""},{"credibility":3,"name":"https://wp.nyu.edu/compliance_enforcement/2025/03/07/cryptocurrency-exchange-kucoin-pleads-guilty-to-unlicensed-money-transmission-agrees-to-pay-more-than-297-4-million-in-criminal-forfeiture-fine/","type":"other","url":""},{"credibility":3,"name":"https://cointelegraph.com/news/justice-department-charges-kucoin-money-laundering","type":"other","url":""},{"credibility":3,"name":"https://fortune.com/crypto/2024/03/26/kucoin-criminal-crypto-binance-doj-cftc-justice-sdny/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.cftc.gov/PressRoom/PressReleases/8884-24","type":"other","url":""},{"credibility":3,"name":"https://cryptonews.com/news/kucoin-block-us-traders-cftc-penalty/","type":"other","url":""},{"credibility":3,"name":"https://www.analyticsinsight.net/news/crypto-exchange-kucoin-settles-cftc-case-with-500000-civil-penalty/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://iclg.com/news/23114-canada-slaps-kucoin-with-usd-14-million-fine-over-aml-failings","type":"other","url":""},{"credibility":3,"name":"https://coincodex.com/article/73796/kucoin-canada-19-million-aml-fine-appeal/","type":"other","url":""},{"credibility":3,"name":"https://www.theglobeandmail.com/business/article-fintrac-issues-nearly-20-million-penalty-against-crypto-exchange/","type":"other","url":""},{"credibility":3,"name":"https://bitemycoin.com/news/canadas-fintrac-fines-kucoin-19-5m-for-aml-violations-ahead-of-fatf-review/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.cryptotimes.io/2026/04/14/zachxbt-claims-kucoin-enabled-laundering-of-over-13m-in-recent-thefts/","type":"other","url":""},{"credibility":3,"name":"https://www.banklesstimes.com/articles/2026/05/22/kucoin-ignored-hack-victims-and-police-appeals-zachxbt-says/","type":"other","url":""},{"credibility":3,"name":"https://www.livebitcoinnews.com/zachxbt-accuses-kucoin-of-ignoring-crypto-crime-victims/","type":"other","url":""},{"credibility":3,"name":"https://www.cryptotimes.io/2026/05/20/kucoin-faces-scrutiny-after-user-traces-scam-funds-to-wallet/","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.bleepingcomputer.com/news/cryptocurrency/kucoin-charged-with-aml-violations-that-let-cybercriminals-launder-billions/amp/","type":"other","url":""},{"credibility":3,"name":"https://www.orrick.com/en/Insights/2024/03/US-Indicts-KuCoin-What-It-Means-for-Cryptocurrency-Companies-Offering-Money-Transmission-Services","type":"other","url":""},{"credibility":3,"name":"https://blog.volkovlaw.com/2024/03/doj-and-cftc-bring-charges-against-crypto-exchange-kucoin-for-aml-and-kyc-failures/","type":"other","url":""},{"credibility":3,"name":"https://www.coindesk.com/business/2024/03/26/crypto-exchange-kucoin-violated-anti-money-laundering-laws-us-charges","type":"other","url":""}]},{"content":"","heading":"","severity":"medium","sources":[{"credibility":3,"name":"https://www.justice.gov/usao-sdny/pr/prominent-global-cryptocurrency-exchange-kucoin-and-two-its-founders-criminally","type":"other","url":""},{"credibility":3,"name":"https://beincrypto.com/kucoin-multibillion-criminal-conspiracy/","type":"other","url":""},{"credibility":3,"name":"https://www.bleepingcomputer.com/news/cryptocurrency/kucoin-charged-with-aml-violations-that-let-cybercriminals-launder-billions/amp/","type":"other","url":""},{"credibility":3,"name":"https://www.chainalysis.com/blog/lazarus-group-kucoin-exchange-hack/","type":"other","url":""}]}],"sources_used":[],"summary":"KuCoin is a global cryptocurrency exchange founded in 2017 that has accumulated one of the most serious regulatory and security records in the industry. The exchange suffered a $285 million hot-wallet hack in September 2020 attributed to North Korea's Lazarus Group, and in January 2025 pleaded guilty to operating an unlicensed money transmitting business in the United States, agreeing to pay over $297 million in fines and forfeitures and exit the US market for at least two years. On-chain investigator ZachXBT has publicly alleged that KuCoin continues to enable illicit fund flows by ignoring victim and law enforcement requests.","timeline":[{"date":"2017-09-01","event":"KuCoin exchange launched by founders Chun Gan, Ke Tang, and Johnny Lyu following a 5,500 BTC ICO raise.","source":""},{"date":"2018-01-01","event":"KuCoin relocates headquarters from China to Singapore amid Chinese government cryptocurrency restrictions.","source":""},{"date":"2018-11-01","event":"KuCoin raises $20 million in Series A funding led by IDG Capital, Matrix Partners, and Neo Global Capital.","source":""},{"date":"2020-09-26","event":"KuCoin hot wallets compromised; private keys stolen. Approximately $281-$285 million in cryptocurrency drained across 150+ tokens.","source":""},{"date":"2021-02-01","event":"KuCoin CEO Johnny Lyu reports recovery of approximately 84% of stolen hack funds through exchange partners, law enforcement, and insurance.","source":""},{"date":"2021-06-01","event":"Chainalysis publicly attributes the September 2020 KuCoin hack to North Korea's Lazarus Group based on on-chain patterns and shared deposit addresses.","source":""},{"date":"2023-07-01","event":"KuCoin implements KYC program for the first time, approximately six years after launch. Program not applied to existing customers.","source":""},{"date":"2024-03-26","event":"US DOJ SDNY unseals criminal indictment against KuCoin and founders Chun Gan and Ke Tang for Bank Secrecy Act violations and operating an unlicensed money transmitting business.","source":""},{"date":"2024-03-26","event":"CFTC files parallel civil enforcement action against KuCoin operating entities for Commodity Exchange Act violations spanning July 2019 to June 2023.","source":""},{"date":"2025-01-27","event":"KuCoin pleads guilty in Manhattan federal court to operating an unlicensed money-transmitting business. Agrees to pay $297.4 million and exit US market for minimum two years. Founders Gan and Tang enter deferred prosecution agreements and resign.","source":""},{"date":"2025-09-25","event":"Canadian FINTRAC issues record C$19.6 million (USD ~$14 million) penalty against Peken Global Limited for AML violations including failure to register, ~3,000 unreported large transactions, and 33 unfiled suspicious transaction reports.","source":""},{"date":"2026-04-14","event":"ZachXBT alleges KuCoin enabled laundering of over $13 million in recent thefts, including $9.5 million from a fake Ledger Live app routed through 150+ KuCoin deposit addresses and $3.5 million from the Bitcoin Depot theft.","source":""},{"date":"2026-05-22","event":"ZachXBT publicly accuses KuCoin of ignoring hack victims and law enforcement requests, alleging exchange allowed illicit activity to continue despite having information to freeze flagged addresses.","source":""}]},"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 07fd15ab-4f48-44bf-b6f1-b3088c368141
  2. #2reviewby reviewerreviewer
    2026-05-30 12:48:11Z
    Score: 1818 (no score change)
    The investigation page is largely accurate on major facts — the DOJ guilty plea, CFTC action, FINTRAC penalty, and ZachXBT allegations are all well-supported. Key issues are: (1) the Chainalysis Lazarus attribution date is wrong by approximately four months (February 2021, not June 2021); (2) the headquarters relocation is described as 'China to Singapore' when sources consistently say 'Hong Kong to Singapore'; (3) the hack date in the timeline is September 26 when it occurred September 25. No claims were found to be fabricated or contradicted by credible sources.
    anchoranchored
    chain
    mainnet-betaslot 423,159,411
    sig
    4fHydQgrvuN1…gsK8qQoxexplorer ↗
    hash
    6tfkgb9aAnwP…tzMVN4Aasha256 → base58
    verifying row…full verify ↗
    canonical bytes (912 B) ▸
    {"actor":"reviewer","decided_at":"2026-05-30T12:48:10.363Z","decision":"review","investigation_id":"0c56d875-ca56-4175-b95f-c50e5fe7e1a2","new_score":18,"page_slug":"kucoin","prev_score":18,"reason":"The investigation page is largely accurate on major facts — the DOJ guilty plea, CFTC action, FINTRAC penalty, and ZachXBT allegations are all well-supported. Key issues are: (1) the Chainalysis Lazarus attribution date is wrong by approximately four months (February 2021, not June 2021); (2) the headquarters relocation is described as 'China to Singapore' when sources consistently say 'Hong Kong to Singapore'; (3) the hack date in the timeline is September 26 when it occurred September 25. No claims were found to be fabricated or contradicted by credible sources.","score_delta":0,"sequence_num":2,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision 7ce973ff-d158-4411-b640-08882fdc2e54
  3. #3review approveby judgejudge
    2026-05-30 12:48:15Z
    Score: 1813 (-5)
    The review confirmed 13 of 19 claims outright, with 4 partially supported on minor precision grounds and only 1 disputed (claim_findings[10]: the Chainalysis Lazarus attribution is dated June 2021 in the timeline, when the blog post was actually published February 2021 — a secondary chronological error that does not affect the substance of the allegation). No claims were fabricated or contradicted by credible sources, and there is no link rot or stale sourcing on critical citations. A small penalty is applied because a high-priority coverage gap exists (no on-chain transaction evidence anchoring the ZachXBT illicit-flow claims) and the page's US market exit framing is now materially understated — a March 2026 CFTC consent order permanently bars KuCoin from the US market, superseding the 'at least two years' description in the summary and timeline[9].
    anchoranchored
    chain
    mainnet-betaslot 423,159,423
    sig
    61iLzXweNw5U…CqH3i9Dmexplorer ↗
    hash
    8eqyQmchsZFh…a255uWvhsha256 → base58
    verifying row…full verify ↗
    canonical bytes (1210 B) ▸
    {"actor":"judge","decided_at":"2026-05-30T12:48:10.363Z","decision":"review_approve","investigation_id":"0c56d875-ca56-4175-b95f-c50e5fe7e1a2","new_score":13,"page_slug":"kucoin","prev_score":18,"reason":"The review confirmed 13 of 19 claims outright, with 4 partially supported on minor precision grounds and only 1 disputed (claim_findings[10]: the Chainalysis Lazarus attribution is dated June 2021 in the timeline, when the blog post was actually published February 2021 — a secondary chronological error that does not affect the substance of the allegation). No claims were fabricated or contradicted by credible sources, and there is no link rot or stale sourcing on critical citations. A small penalty is applied because a high-priority coverage gap exists (no on-chain transaction evidence anchoring the ZachXBT illicit-flow claims) and the page's US market exit framing is now materially understated — a March 2026 CFTC consent order permanently bars KuCoin from the US market, superseding the 'at least two years' description in the summary and timeline[9].","score_delta":-5,"sequence_num":3,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision eeff27ef-3cda-407b-8ce4-85bdc1f828a6
  4. #4reviewby reviewerreviewer
    2026-06-14 23:16:13Z
    Score: 1313 (no score change)
    Blue-chip calibration review (Prompt A). Verdict: over-penalized. Page content is treated as accurate; the trust_score band is miscalibrated. KuCoin is a real, operating cryptocurrency exchange with 41M+ registered users, proof-of-reserves audits, and SOC2/ISO27001 certifications — not a scam or Ponzi. The incidents driving its CRITICAL score are (1) a $275-285M hack in September 2020 attributed by Chainalysis to North Korea's Lazarus Group (an external state-sponsored actor, suffered by KuCoin), (2) a guilty plea to unlicensed money transmission — an AML/BSA compliance violation — resulting in $297.4M in penalties, (3) a C$19.6M FINTRAC fine in Canada, (4) a permanent CFTC bar from the US market in March 2026, (5) an Austrian FMA ban on new business in February 2026, and (6) ZachXBT allegations in April-May 2026 that KuCoin allowed $13M+ in stolen funds to pass through its deposit addresses while ignoring law enforcement. None of these constitute KuCoin itself running a fraud, exit scam, or Ponzi. The entity has serious and documented compliance failures (deliberately avoiding KYC to attract global users, failing to file SARs) and credible recent allegations of non-cooperation with crime victims, which together justify WARNING band. A score of 28 reflects: severe AML enforcement history across three jurisdictions, ongoing ZachXBT allegations, multi-year US market ban, but also the fact the entity is a legitimate operating exchange that repaid hack victims, maintains proof-of-reserves, and was not convicted of defrauding customers.
    anchoranchored
    chain
    mainnet-betaslot 426,514,756
    sig
    3BhddmwgcUEy…EejJFb17explorer ↗
    hash
    HUvGpgYXfKFP…isGF6Jomsha256 → base58
    verifying row…full verify ↗
    canonical bytes (1899 B) ▸
    {"actor":"reviewer","decided_at":"2026-06-14T23:16:13.052Z","decision":"review","investigation_id":"0c56d875-ca56-4175-b95f-c50e5fe7e1a2","new_score":13,"page_slug":"kucoin","prev_score":13,"reason":"Blue-chip calibration review (Prompt A). Verdict: over-penalized. Page content is treated as accurate; the trust_score band is miscalibrated. KuCoin is a real, operating cryptocurrency exchange with 41M+ registered users, proof-of-reserves audits, and SOC2/ISO27001 certifications — not a scam or Ponzi. The incidents driving its CRITICAL score are (1) a $275-285M hack in September 2020 attributed by Chainalysis to North Korea's Lazarus Group (an external state-sponsored actor, suffered by KuCoin), (2) a guilty plea to unlicensed money transmission — an AML/BSA compliance violation — resulting in $297.4M in penalties, (3) a C$19.6M FINTRAC fine in Canada, (4) a permanent CFTC bar from the US market in March 2026, (5) an Austrian FMA ban on new business in February 2026, and (6) ZachXBT allegations in April-May 2026 that KuCoin allowed $13M+ in stolen funds to pass through its deposit addresses while ignoring law enforcement. None of these constitute KuCoin itself running a fraud, exit scam, or Ponzi. The entity has serious and documented compliance failures (deliberately avoiding KYC to attract global users, failing to file SARs) and credible recent allegations of non-cooperation with crime victims, which together justify WARNING band. A score of 28 reflects: severe AML enforcement history across three jurisdictions, ongoing ZachXBT allegations, multi-year US market ban, but also the fact the entity is a legitimate operating exchange that repaid hack victims, maintains proof-of-reserves, and was not convicted of defrauding customers.","score_delta":0,"sequence_num":4,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision acb867f2-6e4e-4535-a9a9-d4a1a0d7b34e
  5. #5review approveby judgejudge
    2026-06-14 23:16:13Z
    Score: 1328 (+15)
    All six claim_findings (indices 0-5) are supported with no disputed claims. The calibration review establishes that KuCoin is a legitimate, operating exchange with 41M+ users, proof-of-reserves audits, and SOC2/ISO27001 certifications. The current CRITICAL-band score of 13 is demonstrably too harsh: the $285M 2020 hack (claim_findings[1]) is externally attributed to North Korea's Lazarus Group — a suffered-by incident, not KuCoin's own fraud — and the DOJ guilty plea (claim_findings[2-3]) is for unlicensed money transmission (AML/BSA failure), not fraud or theft. Serious compliance failures across three jurisdictions and ongoing ZachXBT allegations (claim_findings[5]) justify WARNING band rather than CRITICAL. A +15 delta moves the score from 13 to 28, placing the entity in the WARNING band consistent with documented regulatory history and the absence of any finding that KuCoin defrauded its customers. Page content stands as accurate and must remain published.
    anchoranchored
    chain
    mainnet-betaslot 426,514,773
    sig
    3j9VfDSdKDhK…xCuZJfZGexplorer ↗
    hash
    C3LxqasoP8ZR…2VLA9oJcsha256 → base58
    verifying row…full verify ↗
    canonical bytes (1322 B) ▸
    {"actor":"judge","decided_at":"2026-06-14T23:16:13.052Z","decision":"review_approve","investigation_id":"0c56d875-ca56-4175-b95f-c50e5fe7e1a2","new_score":28,"page_slug":"kucoin","prev_score":13,"reason":"All six claim_findings (indices 0-5) are supported with no disputed claims. The calibration review establishes that KuCoin is a legitimate, operating exchange with 41M+ users, proof-of-reserves audits, and SOC2/ISO27001 certifications. The current CRITICAL-band score of 13 is demonstrably too harsh: the $285M 2020 hack (claim_findings[1]) is externally attributed to North Korea's Lazarus Group — a suffered-by incident, not KuCoin's own fraud — and the DOJ guilty plea (claim_findings[2-3]) is for unlicensed money transmission (AML/BSA failure), not fraud or theft. Serious compliance failures across three jurisdictions and ongoing ZachXBT allegations (claim_findings[5]) justify WARNING band rather than CRITICAL. A +15 delta moves the score from 13 to 28, placing the entity in the WARNING band consistent with documented regulatory history and the absence of any finding that KuCoin defrauded its customers. Page content stands as accurate and must remain published.","score_delta":15,"sequence_num":5,"submission_content_hash":null,"submission_id":null,"submission_kind":null,"submission_valence":null,"v":1}
    Verify offline (run on your own machine)
    python -m src.verify_decision ead0bdb8-0e53-4b39-bb70-ead501825900
How verification works. The “Row integrity” check above is computed in your browser — your machine recomputes the SHA-256 of the canonical bytes and compares against the stored hash. No avoid.net server can fake that check. The “full verify” link goes one level deeper: your browser fetches the on-chain transaction from a Solana RPC node and confirms the same hash is in the memo. If you don’t want to trust either avoid.net or the public RPC, run the CLI verifier on your own machine — python -m src.verify_decision <event_id>.