FixedFloat, a decentralized cryptocurrency exchange, has fallen victim to a significant security breach resulting in the loss of approximately $26 million worth of Bitcoin and Ether, as per on-chain data. The exchange’s team acknowledged the attack a few hours after it was initially reported on X (formerly Twitter). Initially, the team attributed the substantial outflows to “minor technical problems” and transitioned its services to maintenance mode.
Since February 17, numerous users have reported frozen transactions and missing funds on the exchange’s X page. On-chain data reveals that on February 18, more than 400 Bitcoin (BTC) valued at around $21 million and over 1,700 Ether (ETH) worth nearly $5 million were drained. The exact method used to carry out the attack remains unclear, and the exchange’s team is currently investigating the security incident. Additionally, all pages of the FixedFloat website currently display an error message.
FixedFloat is an automated cryptocurrency exchange that does not require users to register or undergo Know Your Customer (KYC) verifications. According to data from SEMrush, approximately 26% of its web traffic originates from users in the United States. The exchange is integrated with the Lightning Network for Bitcoin transactions.
Cybersecurity on the blockchain is a major challenge faced by cryptocurrency projects. The Solana ecosystem, for example, has become a target for scam-as-a-service marketplaces that offer drainers capable of performing bit-flip attacks. Chainalysis has also highlighted the resurgence of ransomware payments in 2023, with a specific focus on high-profile institutions and infrastructure. According to a recent report, criminals made a staggering $1 billion last year through supply chain attacks, ranging from individuals and small criminal groups to large syndicates.
Magazine: DeFi’s billion-dollar secret: The insiders responsible for hacks.