Crypto exchange KuCoin is facing renewed scrutiny after blockchain investigator ZachXBT alleged that the platform issued legal warnings to a victim whose stolen cryptocurrency was allegedly traced through KuCoin-linked deposit addresses.
The claims come from a reported $250,000 theft linked to the Atomic Stealer malware on August 18, 2025. In a post on Telegram, ZachXBT shared details of the investigation, including one wallet address tied to the theft and five deposit addresses he claimed were associated with KuCoin.
According to ZachXBT, the accounts involved had allegedly used “purchased mule KYC,” referring to accounts verified with another person’s identity. The allegations have not been confirmed by a court or by any official statement from KuCoin.
What caused the latest dispute?
Alongside the blockchain data, ZachXBT shared what appeared to be a message from KuCoin’s Customer Care and Support Team. The message stated that the exchange respects the right of users to raise concerns through legal and regulatory channels but warned that false or unlawful statements could result in legal claims.
It also included the statement that “all rights are expressly reserved.”
The issue gained more attention after crypto community member DNBWIZARD posted the screenshot on X, claiming KuCoin had threatened legal action against him. At the time of writing, KuCoin has not publicly responded to the allegations or confirmed the authenticity of the shared message.
Why is KuCoin’s compliance history back in focus?
In January 2025, the U.S. Department of Justice announced that KuCoin had pleaded guilty to operating an unlicensed money transmitting business and agreed to pay more than $297 million in penalties. Prosecutors said the exchange failed to maintain effective anti-money laundering (AML) and know-your-customer (KYC) controls, allowing suspicious transactions to move through the platform.
The case followed charges filed in March 2024 against KuCoin and two of its founders, with authorities alleging the exchange processed billions of dollars in suspicious and criminal funds between 2017 and 2024.
Does this relate to earlier stolen crypto investigations?
The new allegations also mirror previous investigations involving stolen cryptocurrency routed through KuCoin deposit addresses. Earlier this year, ZachXBT reported that a fake Ledger Live application stole at least $9.5 million from more than 50 victims. Blockchain analysis linked the stolen assets to more than 150 KuCoin deposit addresses before the funds were moved through a centralized mixing service.
In a separate investigation, ZachXBT also traced stolen assets to KuCoin-linked deposit addresses connected to an individual identified as AudiA6, noting that recovering the funds would likely require cooperation from law enforcement and cryptocurrency exchanges.
Despite expanding its regulatory presence by obtaining a Markets in Crypto-Assets (MiCA) license in Austria through its European subsidiary in late 2025, KuCoin later faced restrictions after Austrian regulators barred the unit from onboarding new customers, citing compliance staffing concerns.
Enjoyed this? Bookmark DeFi Planet, explore related topics, and follow us on Twitter, LinkedIn, Facebook, Instagram, Threads and CoinMarketCap Community for seamless access to high-quality industry insights
Take control of your crypto portfolio with DEFI PLANET PRO, DeFi Planet’s suite of analytics.
