A major setback has hit the cryptocurrency exchange FixedFloat, known for its fully automatic operations and lightning network integration.
The exchange fell victim to a security breach, resulting in the loss of approximately 1,728 Ethereum and 409 Bitcoin, with a combined value of $25.85 million.Â
The majority of the stolen Ethereum has already been transferred by the perpetrator to eXch on the Ethereum network, resulting in total losses amounting to $26 million.
🚨@FixedFloat was exploited for ~$26.1M (409 $BTC and 1,728 $ETH).
On Ethereum, the attacker 0x85c4fF99bF0eCb24e02921b0D4b5d336523Fa085 sent the stolen 1,728 $ETH to multiple addresses, then to Exch exchange.
The stolen 409 $BTC was dispersed to multiple addresses by attacker… pic.twitter.com/2usl0kwG5v
— Beosin Alert (@BeosinAlert) February 18, 2024
The individual responsible for the breach, identified as the “drainer,” exploited vulnerabilities in FixedFloat’s security protocols to execute the theft.
The Ethereum stolen, amounting to 1,700 ETH, was traced to the wallet address 0x85c4fF99bF0eCb24e02921b0D4b5d336523Fa085. Similarly, the 409 Bitcoin stolen were linked to the wallet address bc1q2skp47p9f5mr4n4m27k66v0l68gh3xdd7ad4e5.
. @FixedFloat hacked, resulting in ~1,728 ETH (worth ~$4.85m) and & 409 BTC (worth ~$21m) stolen. The drainer already transferred most of the stolen ETH to eXch on Ethereum. 26M$ loss in total!
Drainer on Ethereum (1700 ETH stolen): 0x85c4fF99bF0eCb24e02921b0D4b5d336523Fa085… https://t.co/imeXB1h7Jv pic.twitter.com/oquw373NOG
— Officer's Notes (@officer_cia) February 19, 2024
FixedFloat Hacker Gets Intelligent To Cover Up Tracks
In a peculiar turn of events, the FixedFloat Drainer orchestrated deposits to two @hitbtc deposit addresses and several Exch deposits, along with the fraudulent transfers.
Notably, the hacker initiated activity to the HitBTC deposit addresses 0x454575ccc21c8d7dd0557ce97138a37c73864027 and 0xfb7c6319e7f635aff27f43efa35dde85a12518d7, almost simultaneously, dating back to April 2021.
This intricate web of transactions suggests a deliberate attempt by the FixedFloat Drainer to obscure their tracks and mislead investigators. It appears that the hacker strategically established a false trail, potentially to divert attention from their true identity and intentions.
The security breach at FixedFloat serves as a stark reminder of the persistent threats facing cryptocurrency exchanges and the urgent need for robust security measures to safeguard user assets.Â
As investigations continue into the incident, stakeholders in the cryptocurrency community remain vigilant, emphasizing the importance of proactive security protocols and heightened awareness to mitigate future risks.
Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.
Follow us on Twitter @themerklehash to stay updated with the latest Crypto, NFT, AI, Cybersecurity, and Metaverse news!
Image Source: serezniy/123RF// Image Effects by Colorcinch