FixedFloat Confirms Hacker Carted $26 Million in a Recent Exploit

FixedFloat officially confirmed that it suffered an attack on February 18, several hours after initial reports surfaced on X (formerly known as Twitter).

Based on on-chain data, the decentralized cryptocurrency suffered losses totaling at least $26 million in Bitcoin and Ether due to the exploit.

Following the emergence of reports on X, the exchange team acknowledged the attack a few hours later. Initially, they attributed the significant outflows to “minor technical issues” and promptly transitioned their services into maintenance mode.

Since February 17, numerous users have reported encountering frozen transactions and discovering missing funds on the exchange’s X platform. According to on-chain data, the hackers drained over 400 Bitcoin, valued at approximately $21 million, and more than 1,700 Ether, worth nearly $5 million.

FixedFloat Says it’s not Ready to Provide Public Statement

Details regarding the method employed in the attack remain unclear. The exchange team investigated the security breach and said: “We can confirm that a hack occurred, resulting in the theft of funds. While we work on eliminating potential vulnerabilities, enhancing security measures, and conducting investigations, we are not yet prepared to provide public statements on this matter.”

They added that they are working to restore services and will release further information regarding the incident at a later time.

Furthermore, the exchange’s website currently displays an error message across all pages.

FixedFloat operates as an automated cryptocurrency exchange that does not mandate user registration or Know Your Customer (KYC) verifications. According to data from SEMrush, approximately 26% of its web traffic originates from users in the United States. The exchange also integrates with the Lightning Network for Bitcoin transactions.

Ensuring on-chain cybersecurity poses a significant challenge for cryptocurrency projects. For example, the Solana ecosystem has recently faced threats from scam-as-a-service marketplaces offering drainers capable of executing bit-flip attacks.

Additionally, Chainalysis has highlighted the resurgence of ransomware payments in 2023, particularly targeting prominent institutions and critical infrastructure. According to a recent report, criminals amassed a staggering $1 billion last year through supply chain attacks, ranging from individual perpetrators and small criminal factions to large-scale syndicates.