FixedFloat, a decentralized crypto exchange, has fallen victim to an exploit resulting in the loss of approximately $26 million worth of Bitcoin and Ether, as per on-chain data.
The exchange’s team acknowledged the attack a few hours after it was first reported on X, formerly known as Twitter. Initially, the team attributed the significant outflows to “minor technical problems” and placed their services in maintenance mode.
Since February 17, numerous users have reported frozen transactions and missing funds on the exchange’s X page. On-chain data reveals that on February 18, over 400 Bitcoin (BTC) valued at around $21 million and more than 1,700 Ether (ETH) valued at nearly $5 million were drained.
The details regarding the method used in the attack remain unclear, and the exchange team is currently conducting an investigation into the security incident. Additionally, all pages of the FixedFloat website display an error message.
FixedFloat is an automated crypto exchange that does not require users to register or undergo Know Your Customer (KYC) verifications. Approximately 26% of its web traffic originates from users in the United States. The exchange also integrates with the Lightning Network for Bitcoin transactions.
Ensuring on-chain cybersecurity poses a significant challenge for crypto projects. For example, the Solana ecosystem has been targeted by scam-as-a-service marketplaces that offer drainers capable of executing bit-flip attacks.
Chainalysis has also raised concerns about the resurgence of ransomware payments in 2023, particularly targeting prominent institutions and infrastructure. According to a recent report, criminals made a record-breaking $1 billion last year through supply chain attacks, involving individuals, small criminal groups, and large syndicates.
Magazine:
DeFi’s billion-dollar secret: The insiders responsible for hacks