See More

This Crypto Exchange Just Got Hacked for $26 Million

2 mins
Updated by Ryan Boltman
Join our Trading Community on Telegram

In Brief

  • Decentralized exchange FixedFloat suffered a loss of around 2,137 ETH in a drainer attack; stolen funds were sent to an Ethereum exchange.
  • The hacker moved the stolen crypto to multiple deposits on Exch, creating a false trail to two HitBTC addresses, according to activity.
  • Crypto hackers are on the increase, with Singapore warning of a new drainer scam and BlockAid confirming increased Solana wallet crimes
  • promo

Decentralized exchange FixedFloat lost around 1,728 Ethereum (ETH) and 409 Bitcoin (BTC) through a drainer attack on Feb. 18, 2024. The exploiter sent the stolen funds to multiple Ethereum and Bitcoin addresses.

A hacker drained over $26 million worth of Bitcoin (BTC) and ETH from the decentralized exchange FixedFloat. 

FixedFloat Confirms Hack of $26M

According to the threat researcher Officer’s Notes, the hacker transferred the ETH to multiple ETH addresses and then to the eXch exchange. The hacker then sent funds to two HitBTC addresses that received their initial ETH deposits almost simultaneously in 2021. The BTC was also sent to multiple addresses.

Officer’s Notes suggest the hacker could be framing the owner of the HitBTC addresses since they do not share anything in common other than the hacker’s address. The drainer’s address later received funds from Binance.

Read more: 15 Most Common Crypto Scams To Look Out For

fixedfloat drainer fund flows
Movement of FixedFloat Funds | Source: Peckshield

“I don’t see any addresses (other than the hacker’s address) that link these 2 HitBTC deposit addresses…Most likely, the hacker created only a false trail,” the investigator wrote.

Later, FixedFloat said they were recovering from the breach but were not ready to comment publicly. An earlier incident where a customer complained that they couldn’t withdraw money was blamed on a maintenance issue.

“We confirm that there was indeed a hack and theft of funds. We are not yet ready to make public comments on this matter, as we are working to eliminate all possible vulnerabilities, improve security, and investigate,” FixedFloat said.

BeInCrypto contacted the exchange for comments but did not reply at press time. They have since provided an official email channel for inquiries.

Wallet Drainer Attacks Escalate

The pace of crypto attacks has started to pick up in recent weeks. Singapore has raised red flags about a new drainer scam that drained the wallets of hopeful crypto airdrop recipients. According to the Singapore Police, the new crypto scam is perpetuated by so-called drainer kits sold on the darknet

Crypto security firm BlockAid confirmed an increase in Solana wallet attacks in recent months. The hacker mimics the responses of genuine wallets when receiving funds from a transaction. Last week, they confirmed a Safe Vault attack by hacking group Angel Drainers that stole $403,000.

Read more: Top 5 Flaws in Crypto Security and How To Avoid Them

A drainer hack netted $900,000 Chainlink (LINK) tokens two weeks ago. According to Scam Sniffer, wallet drainers stole $295 million from $340,000 users last year.

Top crypto platforms | July 2024
SunContract SunContract Explore
Exodus Exodus Explore
BYDFi BYDFi Explore
Coinrule Coinrule Explore
Сoinex Сoinex Explore
Top crypto platforms | July 2024
SunContract SunContract Explore
Exodus Exodus Explore
BYDFi BYDFi Explore
Coinrule Coinrule Explore
Сoinex Сoinex Explore

Trusted

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

David-Thomas.jpg
David Thomas
David Thomas graduated from the University of Kwa-Zulu Natal in Durban, South Africa, with an Honors degree in electronic engineering. He worked as an engineer for eight years, developing software for industrial processes at South African automation specialist Autotronix (Pty) Ltd., mining control systems for AngloGold Ashanti, and consumer products at Inhep Digital Security, a domestic security company wholly owned by Swedish conglomerate Assa Abloy. He has experience writing software in C,...
READ FULL BIO
Sponsored
Sponsored