FixedFloat DEX Hacked for $26M in BTC and ETH, Loot Already Moved



On Feb. 18, the FixedFloat team confirmed that the platform was hacked after blockchain sleuths reported the spurious crypto movements.

“We confirm that there was indeed a hack and theft of funds,” it stated in response to a post on X revealing the exploiter’s address.

However, no further details were provided, with the team stating, “We are not yet ready to make public comments on this matter, as we are working to eliminate all possible vulnerabilities, improve security, and investigate.”

There were no new posts or details on the FixedFloat X account as of early Monday morning on Feb. 19. Moreover, the FixedFloat website was also offline with the message “Technical work is underway, we will be back soon!” at the time of writing.

Another DEX Exploit

On Feb. 19, blockchain security firm PeckShield reported that around 1,728 ETH worth roughly $4.85 million and 409 BTC worth around $21 million were stolen in the attack.

The hacker has already transferred most of the stolen Ethereum to the eXch exchange, it added.

FixedFloat is a crypto exchange powered by the Bitcoin Lightning network claiming to be completely automated. It facilitates crypto swaps without the need for user registration or know-your-customer (KYC) verification.

Web3 threat researcher ‘Officer’s Notes’ did a little more digging and said that in addition to multiple deposits for eXch, the FixedFloat Drainer also transferred stolen funds to HitBTC.

“Perhaps FixedFloat Drainer thus simply decided to confuse its trail by framing the innocent owner of these deposit addresses,” they theorized.

“Anything is possible. I don’t see any addresses (other than the hacker’s address) that link these 2 HitBTC deposit addresses (when analyzing ETH and token transactions). Most likely, the hacker created only a false trail.”

Due to its anonymous nature, FixedFloat is often used as a coin mixer to obfuscate a transaction trail.

Crypto Exploits Continue

According to the De.Fi Rekt database, there have already been several large crypto exploits and hacks this month.

On Feb. 9, gaming and metaverse platform PlayDapp lost $32 million in an access control exploit.

A few days later, on Feb. 13, Duelbits suffered a similar access control exploit, resulting in a loss of $4.6 million.





Source link

About The Author

Scroll to Top