On Sept. 25, the lightning-fast decentralized exchange (DEX) Mixin Network revealed that hackers attacked its cloud service provider’s database on Sept. 23, causing a loss of approximately $200 million.
[Announcement] In the early morning of September 23, 2023 Hong Kong time, the database of Mixin Network's cloud service provider was attacked by hackers, resulting in the loss of some assets on the mainnet. We have contacted Google and blockchain security company @SlowMist_Team…
— Mixin Kernel (@MixinKernel) September 25, 2023
Following this disclosure, Mixin Network immediately suspended all deposit and withdrawal services. The company said these services will resume after a comprehensive assessment and correction of the identified vulnerabilities. Moreover, the suspension will not affect the transfer of assets in the network. The team stated that they had contacted blockchain security company SlowMist and Google to assist with the investigation.
Mixin Network’s founder Feng Xiaodong stated:
“No matter what your assets are — whether it’s Bitcoin or Ethereum — we will ensure that half of it is unaffected. We’re trying to find a way to recover the compromised money, but that is very difficult.”
Feng added that the damaged assets were mainly Bitcoin core assets, and assets such as XIN and BOX did not experience severe theft. Moreover, the company can ensure the safety of 50% of its clients’ assets after this attack. For the remaining assets, the Mixin Network team is considering issuing “bond tokens” for users to claim, which they’ll purchase back later. The company also plans to establish a safer system for user assets.
Web3 SaaS analytics platform 0xScope revealed that the hacker was already connected to the Mixin network. Address 0x1795 – linked to the hacker – received 5 Ethereum from Mixin last year. Later, the hacker deposited them into Binance.
An address connected to the recent $200M @MixinKernel #hack received 5 $ETH from the platform last year and deposited 5.9 $ETH on #Binance soon after.
Also, the hacker then swapped $USDT for $DAI to avoid being frozen.
See how the hackers used addresses in the Mixin attack below pic.twitter.com/x3rfyMAv5W
— 0xScope ( . ) (@ScopeProtocol) September 25, 2023
Following the announcement, Mixins’ native token, XIN, fell 13% in the past 24 hours. It is now trading at $181.
Rapid Increase In Crypto Attacks
Despite the implementation of multiple security measures, cryptocurrency attacks and frauds are on the rise in the market. Last week, hackers managed to steal $15 million from Fortress Trust by gaining control of Retool’s Google Authenticator cloud sync feature. The breach affected approximately 27 of Retool’s cloud customers and was carried out through an SMS phishing scheme that targeted Retool employees.
Moreover, Vitalik Buterin, co-founder of Ethereum, recently faced a cyber attack that compromised his profile on X. Buterin shared that a hacker took control of his account through a SIM-Swap attack, but he successfully recovered his account.