Fixed Float Exploited for $2.8 Million, Tether Freezes Hacker Addresses

The post Fixed Float Exploited for $2.8 Million, Tether Freezes Hacker Addresses appeared first on Coinpedia Fintech News

FixedFloat, the fully automatic crypto exchange, has reportedly been a victim of yet another security breach. The hacker managed to take almost $2.8 million worth of crypto from the Ethereum chain hot wallet, with the platform’s access control issues to be blamed. The hack reported by CyversAlerts has left the exchange’s users bewildered and wondering as they wait for the platform to be sorted.

Here Is What We Know

According to the latest reports, The funds stolen from FixedFloat’s hot wallet went to a suspicious address in the form of Ethereum (ETH), tether (USDT), Wrapped Ethereum (WETH), Dai (DAI) and USD Coin (USDC). The hacker further swapped these funds for Ethereum on decentralized exchanges and later on was transferred to the eXch exchange.

ALERTOur system has detected some suspicious transactions with @FixedFloat!

Approximately 14 hours ago, a staggering $2.8M was withdrawn from their hot wallet on the $ETH chain. The funds were directed to a suspicious address, which subsequently received various digital… pic.twitter.com/F671oKR5N6

— Cyvers Alerts (@CyversAlerts) April 2, 2024

Following these hacker transactions, the compromised hot wallet ceased operations and the company’s website was taken offline for maintenance casting more doubts on users.

According to blockchain security firm Peckshield, stablecoin issuer Tether blocklisted ten addresses involved in these withdrawals, effectively freezing about $400,000 worth of USDT tokens.

Fixed Float Hacked Again in the Same Way

With another unfortunate circumstance, this was not the first of the security breaches that FixedFloat encountered. An access control problem was attributed to the theft of $26 million on February 16 from the platform.  

The audacious hacker successfully siphoned off 1728 ETH valued at $4.85 million and an additional 409 BTC valued at a staggering $21 million, culminating in a total crypto loss of $26 million attack.

A review of fund flow showed that the stolen assets were split among various addresses in the Bitcoin chain; similarly, the Ethereum chain route had many addresses channelled to the eXch exchange. Experts predicted that the hacker may have managed to access a private key with one of the exchange’s addresses.

Fixed Float Blames Third-Party 

Upon the exploit discovery, the FixedFloat confirmed the validity of the hack and it was made clear that the same hacker was the culprit behind both the February and the latest hack where Ethereum hot wallet which held the coins equivalent to $2.8 million was targeted. 

On April 1, we were again attacked by the attackers who were behind the February 16 hack. The attackers did not stop there and continued to use various methods to try to hack our service again. Thanks to the enormous work done to improve the security of our infrastructure, we…

— FixedFloat (@FixedFloat) April 2, 2024

The team blamed the third-party services provider from whom they are using where the hacker managed to take advantage of a vulnerability. They also emphasized the work being done to strengthen the security infrastructure.

FixedFloat offered peace of mind to customers to ensure them that only the service itself was affected by financial losses and the hackers stole funds to ensure the liquidity of the service.in this regard, users invested funds and company funds were considered to be safe.

An investigation of the hacker incident is currently in progress, the forthcoming details will be announced as the situation evolves.

from Coinpedia Fintech News https://ift.tt/nXjBbkF
via IFTTT

Edit This Article