Being Crypto

Security Breach at FixedFloat

Security Breach at FixedFloat Results in $26 Million Crypto Loss

FixedFloat, a decentralized exchange, fell victim to a drainer attack on February 18, 2024, resulting in the loss of approximately 1,728 Ethereum (ETH) and 409 Bitcoin (BTC), valued at over $26 million. The attacker skillfully redirected the stolen funds to various Ethereum and Bitcoin addresses.

In the aftermath of the incident, security researchers at Officer’s Notes provided insights into the breach. The hacker orchestrated the movement of ETH to multiple addresses and eventually to the eXch exchange. Furthermore, the stolen funds were transferred to two HitBTC addresses, which had initially received ETH deposits almost simultaneously in 2021. Notably, the BTC was distributed across multiple addresses.

Officer’s Notes raised the possibility that the hacker might be attempting to frame the owner of the HitBTC addresses, as no commonalities were found between them, except for the address controlled by the hacker. The investigator speculated that the hacker deliberately created a false trail.

FixedFloat acknowledged the breach and stated that they were in the process of recovering from the incident. However, they refrained from making public comments at the time, emphasizing their focus on eliminating vulnerabilities, enhancing security measures, and conducting a thorough investigation.

The recent attack on FixedFloat is part of a concerning trend in the cryptocurrency space, with an increase in drainer attacks. Singapore authorities have issued warnings about a new drainer scam affecting crypto airdrop recipients, facilitated by drainer kits available on the darknet.

Crypto security firm BlockAid reported a surge in Solana wallet attacks, where hackers imitate genuine wallet responses during transactions. In a separate incident, hacking group Angel Drainers executed a Safe Vault attack, stealing $403,000.

The rise in drainer attacks has been evident in recent weeks, with a $900,000 Chainlink (LINK) token heist and reports from Scam Sniffer indicating that wallet drainers pilfered $295 million from 340,000 users in the previous year. The crypto community remains on high alert as security challenges continue to escalate.

Being Crypto on Google News
Scroll to Top