Emergency notice following the hacking incident of SSX tokens

2 min readJan 27, 2024

The SOMESING team would like to notify its holders and community members of the foundation’s countermeasures and future action plans based on the contents identified so far regarding the hacking incident of SSX tokens.

In the early morning of January 27, 2024, a total of 730 million SSX tokens were hacked and withdrawn to unknown wallets. Among those stolen SSX tokens, 504 million SSX tokens were yet undistributed tokens that were initially planned to be circulated by the end of 2025, and 226 million SSX tokens were being held by the foundation as they were included in the circulating supply plans as we announced earlier. According to the investigations conducted so far, it has been confirmed that the hacking incident is not related to any member of the SOMESING team, and it is assumed to have been conducted by the professional hacker(s) specializing in hacking virtual assets considering the methods. As a result, 489 million SSX tokens have been over-circulated compared to the circulation volume under the original circulation supply plan as of the end of January 2024. As soon as the foundation recognized the hacking incident, it took the following emergency measures immediately.

1. We have reported a hacking incident and asked for an investigation into the case to the Cyber Investigation Unit of the National Police Agency. In addition, the case is also to be reported to the Interpol.

2. Request for urgent suspension of deposit and withdrawal of SSX for domestic and foreign exchanges: We urgently asked domestic and foreign exchanges where SSX is listed to take temporary suspension of deposit and withdrawal to prevent further hacking damage, and the suspension of deposit and withdrawal has been completed accordingly.

3. Tracking transaction history for hacked SSX: Working closely with Klaytn Foundation and ‘Uppsala Security’, a cyber security company and one of the official partners of Interpol, we are tracking transaction history to identify the final destination of seized virtual assets and identify hacker’s wallets.

Should the investigation by the National Police Agency and Uppsala Security’s tracking confirm the destination of the stolen asset as an exchange(s), we will take follow-up measures to freeze the asset for the wallet address identified as belonging to the hacker and to find out the criminal’s personal information to take further legal actions.

Finally, we would like to deliver our message to the criminal individual or group that carried out the hacking. We plan to request an investigation of this hacking case by domestic and foreign agencies such as the Korean Cyber Investigation Unit and Interpol, therefore, we strongly urge the voluntary return of the hacked assets.

(Please contact us at listing@somesing.io regarding any report or reply of the hacking incident)

The SOMESING team will continue to keep you updated on the progress of the investigation related to this hacking incident through the announcement channel.