Blockchain & Cryptocurrency , Cryptocurrency Fraud , Fraud Management & Cybercrime

Cryptohack Roundup: $200M Mixin Network Hack

Also: Web3 Lost $889M in Q3, Hackers Stole From HTX, Nansen, OpenSea
Cryptohack Roundup: $200M Mixin Network Hack
image: Shutterstock

Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, Mixin Network investigated a $200 million hack; Web3 lost $889 million to hacks, phishing scams and rug pulls during the third quarter; hackers stole $8 million from HTX; Binance sought to dismiss the SEC wash trading case; and Nansen and OpenSea suffered third-party security incidents.

See Also: OnDemand | NSM-8 Deadline July 2022:Keys for Quantum-Resistant Algorithms Implementation

Mixin Network

Hackers stole $200 million from Mixin Network over the weekend by targeting the "decentralized" finance company's cloud service provider's database, the Hong Kong-based crypto wallet service provider said in a tweet. In a livestream on Tuesday, Mixin Network founder Feng Xiaodong said that the team can currently "only ensure at least half of the assets are secure."

The company also offered a $20 million "bug bounty reward" to the hacker for the return of the stolen funds. It said in a Wednesday statement on X, formerly Twitter, that the losses were "not as significant as expected."

Web3 Losses

Web3 collectively lost $889.26 million from hacks, phishing scams and rug pulls in the third quarter of 2023, Beosin said. The amount exceeded the combined sum of the first two quarters, which saw $330 million and $333 million worth of losses in the first and second quarters, respectively. Of the total 43 major attacks that together resulted in a loss of $540.16 million, 29 occurred in the decentralized finance space, contributing $98.23 million to the total. Private key compromise incidents and contract vulnerabilities were the primary reasons behind the losses.

HTX, Formerly Huobi

Hackers stole $7.9 million from crypto exchange HTX, but the company "resolved all related issues" as it has "fully covered the losses incurred from the attack," its adviser. Justin Sun, said. The attack came two weeks after the 10-year-old company changed its name from Huobi. The stolen amount only represents a "relatively small sum" compared to the $3 billion worth of assets its users hold, he said, adding that the pilfered funds make up about two weeks of revenue for HTX.

The company offered 5% of the stolen funds - nearly $400,000 - as a “white-hat bonus” to the hacker in a bid to have them return the money.

Binance

Binance lawyers on Thursday asked a U.S. district court to dismiss a case by the Securities and Exchange Commission, which alleges market manipulation and wash trading by units connected to the crypto giant's U.S. arm. Wash trading is a market manipulation tactic where a single trader buys and sells the same security to create the impression of activity in the market. The SEC previously said that Binance was using multiple user accounts held by a Swiss firm called Sigma Chain to carry out illegal activity (see: US SEC Sues Binance and Coinbase Over Securities Violations).

Nansen

Hackers compromised a third-party server to gain admin access and steal emails, password hashes and blockchain addresses of Nansen users, the crypto analytics platform said. The breach impacted 6.8% of its users. The company said it contacted affected users to warn them to change their passwords and be aware of phishing attacks.

OpenSea

A third-party security incident may have reportedly exposed user information of NFT marketplace OpenSea, including API keys. The company did not disclose how many users were affected by the hack. The company said the theft is unlikely to affect any programs that utilize an OpenSea API key, but that if external parties use one of the exposed keys, it could affect rate and usage limits. The company will sunset existing keys by Monday, The Block reported.


About the Author

Rashmi Ramesh

Rashmi Ramesh

Assistant Editor, Global News Desk, ISMG

Ramesh has seven years of experience writing and editing stories on finance, enterprise and consumer technology, and diversity and inclusion. She has previously worked at formerly News Corp-owned TechCircle, business daily The Economic Times and The New Indian Express.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.