This is the story of our dealings with Hacken, a cybersecurity and consulting company. It’s a story of defamation, discovery of fraudulent behavior, and our pursuit of truth on the streets of Kyiv.
Having exhausted all other channels of communication, we now want to publicly tell the full story, recount how it unfolded, and clear up some false allegations. We also want to warn our peers to be vigilant and to carefully evaluate any business dealings with Hacken. This report may read as a crime novel — but the ExMarkets team is very aware of real-life consequences.
On the surface, Hacken seems like a reputable cybersecurity service provider and has earned a respectable name in the cryptocurrency industry. Or so we thought. The more we learned about the company, the more suspicious we grew.
An unintended discovery
It all stems from a simple misunderstanding that could’ve been settled in a friendly and civilized manner. If you follow Hacken Club on Twitter, you may have seen this hostile tweet about us, which has also prompted CoinMarketCap to issue a warning on the website:
To really understand the situation, we’ll provide you with more context.
How it all unfolded
Back in July 2019, we were looking for a reputable service provider to carry out a cybersecurity audit on ExMarkets crypto exchange. Hacken’s name came up, and so we arranged an in-person meeting with Dyma Budorin, the company’s managing partner.
We met at Parus Business Center in Kyiv, and we could immediately tell that something wasn’t quite right. Although it was a busy weekday, Hacken’s offices were completely empty. Having read about the company, we had expected to see a busy team of 60 employees, but only Mr. Budorin and one other software engineer were present. (Remember, this was before the COVID-19 pandemic.)
Nevertheless, we brushed it off, went ahead with the meeting, and eventually shook hands on a deal that, in hindsight, might have been a little too good to be true.
A mistake on our part
At the time, our team was working diligently on another important task — listing ExMarkets exchange on CoinMarketCap. After the meeting with Hacken, we were sure that the cybersecurity audit would go ahead. We were also sure that it was going to take a long time to get verified by CoinMarketCap. And thus, in good faith, a call was made to preemptively acknowledge Hacken as our cybersecurity audit provider in the application form sent to CoinMarketCap.
Of course, things didn’t go according to plan. A couple of weeks after the initial meeting, Hacken came back with some changes to the agreed proposal. The scope of work hadn’t changed, but the price tag was now 4x that of the original estimate. As it was simply unreasonable, we decided to step away. We thought that was the end of it.
In retrospect, we were too impatient, too eager — and, perhaps, too naive to include Hacken in our application form, thinking that everything would work out just fine. With no intention to deceive, we have, nevertheless, made a terrible oversight. In October, ExMarkets was finally officially listed on CoinMarketCap with Hacken (mistakenly) named as our cybersecurity provider. And for that, we are sincerely sorry.
Since then, we have tried to get in contact with CoinMarketCap to correct the error but could never get a hold of them. Then COVID-19 hit, and suddenly something far more important caught everyone’s attention.
Playing Hide and Seek in the streets of Ukraine
Fast forward to August 16th, the day of the aforementioned tweet by Hacken. Naturally, in response to such accusations, we immediately reached out to clarify this long-forgotten misunderstanding. After all, it was never our intention to claim undue credit or to exploit Hacken’s reputation.
Nevertheless, to our surprise, Hacken had gone radio silent — they left our Telegram group, stopped responding to our emails and started evading our meeting requests. Having exhausted all of our options, we decided to visit them in person at their R&D offices in Kyiv.
This is where the plot thickens. Hacken.io has Creative States, Moskovska vul 8 listed as their contact address in Ukraine. Meanwhile, Hackenproof, another project of the Hacken Ecosystem, says it’s Mechnikova 2a, Business center “Parus”.
We decided to visit them both.
Wherever we went, we were greeted with blank stares — no one could direct us to the company’s offices. Although Creative States is explicitly mentioned on the Hacken website, its representatives couldn’t recall renting out workspaces to Hacken at any point in time.
We were a bit luckier at Parus Business Center, where a manager confirmed that some business space was, in fact, rented in Hacken’s name. We were, nevertheless, equally shocked to find out that it was only a small cramped room, and that the lease had already been terminated 6 months ago. No one had heard from Hacken since.
Warning signs all around
Digging a little deeper, we found out that there is actually no company registered under (or affiliated with) the name Hacken in Ukraine. It also appears that Parus Business Center may have only been used as a con trick to make an impression on clients.
From what we’ve managed to piece together, it seems that Hacken has far fewer employees and assets under control than reported.
The company might also have vastly overstated its competences in cybersecurity, and now appears to be stalling for time. Mr. Budorin himself is avoiding contact, refusing to engage in constructive discussions. His motives remain unclear.
This truly is an unexpected turn of events.
We do take full responsibility for the operational blunder of including Hacken’s name in our CoinMarketCap application form. But we certainly didn’t expect to uncover such revelations in our attempt to right our wrongs.
Although Hacken continues to ignore our calls, the ExMarkets team will continue trying to get in contact with Mr. Budorin and other Hacken employees, who are presumably located in the Estonian offices.
We are issuing this highly unusual update to warn other businesses in the industry to be extremely cautious. We also ask anyone who has had similar experiences or suspicions to come forward. You can get in touch with us via email or our Telegram group.