7
Representative image for decentralized exchanges. ByBit/flickr.com

KEY POINTS

  • Bitcoin worth around $21 million and Ether worth almost $5 million were reportedly drained Sunday
  • FixedFloat has since said it will provide more details about the hacking incident "a little later"
  • Chainalysis said in a January report that hacking "remains a significant threat" even as crypto platform theft has declined

Decentralized cryptocurrency exchange FixedFloat has been exploited for at least $26 million in Bitcoin (BTC) and Ether (ETH), on-chain data revealed.

News of the hack first emerged on X (formerly Twitter), with users saying FixedFloat got exploited. User @reprove wrote Sunday that "the developer ran away with 1700 ETH yesterday."

As of 6:50 a.m. EST, the exchange's website displays an error notice. "Technical work is underway, we will be back soon! If you need to contact us, you can do this via chat," the notice reads.

On-chain data shows that more than 1,700 Ether worth nearly $5 million and over 400 Bitcoin worth around $21 million were drained Sunday, but the details on how the attack was carried out remains unclear.

"We confirm that there was indeed a hack and theft of funds. We are not yet ready to make public comments on this matter, as we are working to eliminate all possible vulnerabilities, improve security, and investigate. Our service will be available again soon. We will provide details on this case a little later," the exchange team said in a statement, as per Cointelegraph.

There have been reports of frozen transaction and missing funds on the exchange's account on X.

FixedFloat did not immediately respond to International Business Times' request for further comments.

News of the hack came a few weeks after American blockchain analysis firm Chainalysis said in a late January report that theft of funds from crypto platform fell by over 50% last year, but "hacking remains a significant threat." The number of hacking incidents rose instead in 2023, as per the report.

"Attack vectors affecting DeFi (decentralized finance) are diverse and constantly evolving; it is therefore important to classify them to understand how hacks occur and how protocols might be able to reduce their likelihood in the future," Chainalysis noted.

Among the latest of such evolving attack vectors was the recent claim by a hacker who claimed to have access to KodexGlobal, the protected request system where law enforcement obtain user info of prominent tech giants such as Meta and Google, as well as some of the world's biggest crypto exchanges including Binance and Coinbase.

In the said breach, the hacker sells access to a KodexGlobal account on BreachForums, with prices ranging between $300-$500 per emergency data request (EDR). Clients can then subpoena user information from major tech firms and crypto exchanges.