Incidents

Coordinated Attacks Result in $113.3 Million in Losses for Heco Bridge and HTX Exchange

Summary # On November 22, 2023, Heco Bridge and HTX Exchange were victims of cyberattacks, resulting in over $113.3 million in losses. The attacks appear coordinated and carried out by the same attacker based on similar exploitative techniques and the connection between the two targets. Blockchain security firms CertiK, Peckshield, and Cyvers have reported over $86.6 million in digital assets losses for Heco Bridge and $13.6 million in losses for HTX. ...

KyberSwap Loses $49,000,000 During Cyberattack

Summary # On November 22, 2023, KyberSwap, a decentralized finance platform, experienced a sophisticated exploit resulting in a loss of approximately $49,000,000. The attack involved manipulating the platform’s smart contract through complex transactions. The attacker used flash loans to manipulate token prices, which enabled them to exploit a numerical anomaly in the smart contract. This allowed the attacker to double-count liquidity and withdraw substantial funds. Despite KyberSwap having failsafe mechanisms, the attacker skillfully avoided triggering these protections. ...

Kronos Research halts trading after $25M API key hack

Summary # On November 19, 2023, Kronos Research, a Taipei-based cryptocurrency trading and investment firm, was targeted by a hacker who stole over $25 million from the firm’s treasury using unauthorized API keys. This breach enabled the attacker to access the company’s blockchain wallets and conduct unauthorized transactions. The attack’s impact extended beyond Kronos Research, affecting Woo X, an exchange closely affiliated with Kronos Research. As Kronos Research was a major liquidity provider for Woo X, the security incident led to a temporary suspension of certain asset pairs on Woo X due to a liquidity shortage. ...

Poloniex Exchange Suffers $122.98 Million Security Breach

Summary # On November 10, 2023, Poloniex, a custodial centralized exchange, experienced a security breach due to a private key compromise. The attacker exploited Poloniex’s hot wallets and withdrew funds across three chains: Bitcoin, Ethereum, and Tron. The total losses amounted to approximately $122.98 million, including BTC, USDT, USDC, ETH, TRX, and other assets. The stolen assets were exchanged for native tokens and transferred to sereval addresses. Attackers # The attackers believed to be the Lazarus Group, North Korean cybercrime group. ...

Raft Protocol loses $6,700,000 in Smart Contract Exploit

Summary # On November 10, 2023, Raft Protocol experienced an exploit resulting in a loss of about 1,575 cbETH. The exploiter employed a sophisticated multistep attack strategy focusing on a smart contract’s precision calculation vulnerability. Initially, the attacker obtained cbETH through a flash loan before donating and liquidating the cbETH to the Interest Rate Position Manager. This maneuver manipulated the collateral token’s index rate, allowing the exploiter to systematically increase their position in small increments, exploiting a rounding issue in the mint function. ...

Crypto Exchange CoinSpot Reportedly Suffers $2.4 Million Hot Wallet Hack

Summary # On November 8, 2023, the Australian crypto exchange, CoinSpot, experienced an attack on two of its hot wallets, resulting in more than $2.4 million in losses due to a private key leak. The recipient of these funds exchanged them using platforms THORchain and Wan Bridge before exchanging them for Bitcoin using Uniswap and spreading them into four wallets. The Australian financial authority, AUSTRAC, is actively addressing the security breach because the amount stolen is more than $10,000. ...

Astrid Finance Suffers $228,000 Loss in Smart Contract Exploit

Summary # Astrid Finance, an Ethereum-based liquid restaking pool powered by the Eigen Layer, suffered a significant exploit on October 28, 2023, leading to a loss of $228,000. The exploit was executed through a smart contract vulnerability linked to insufficient input validation, specifically within the withdraw function of the protocol. This flaw enabled the attacker to manipulate transaction parameters, allowing the creation and utilization of fake tokens to illegitimately withdraw funds. ...

HTX Exchange Suffers $7.9 Million Security Breach Due to Private Key Leak

Summary # On September 24, 2023, HTX, a global custodial crypto exchange, formerly Huobi Global, experienced a security breach due to a private key leak. The attacker exploited this vulnerability and extracted approximately $7.9 million worth of ETH (4,999 ETH) from the hot wallet of the exchange. After HTX identified the attacker and demanded the return of the funds, the hacker returned the stolen assets on October 7, 2023, and received a “white hat bonus” of 250 ETH, equivalent to $408,666. ...

Mixin Network lost at least $141 million due to a database attack

Summary # In the early morning of September 23, 2023 Hong Kong time, the database of Mixin Network’s cloud service provider was hacked, resulting in the loss of approximately $200M. Mixin Network is a service similar to a layer-2 protocol, designed to make cross-chain transfers cheaper and more efficient. A large number of deposit addresses have been drained. The attacker compromised the cloud, recovered the private keys of deposit addresses (and hot wallet addresses, supposedly) and transferred funds in order from the highest to the lowest balance, involving 10,000+ transactions, lasting several hours. ...

Remitano Crypto Exchange Suffers $2.7 Million Loss in Exploit

Summary # On September 14, 2023, Remitano, a cryptocurrency exchange, fell victim to a security breach, resulting in unauthorized transactions on the Ethereum and TRON blockchains and a significant financial loss of $2.7 million. This incident was primarily a hack of the exchange’s hot wallet, triggered by a data leak from a third-party source. Tether’s prompt intervention helped freeze the attacker’s addresses, securing 1.9 million USDT and averting further potential losses. ...