Connect with us

certik

Kronos Research Halts Operations After Losing $26 Million In Security Breach

Published

8 months ago

on


Kronos Research, a Taipei-based market maker, trading firm, and venture capital fund, witnessed the withdrawal of significant amounts of crypto assets due to a breach of its security system

Kronos Breach: Investigation Underway

On Sunday, November 19, Kronos Research disclosed – via a post on X (formerly Twitter) – a security incident that involved unauthorized access to its API keys. Consequently, the company lost a significant amount of crypto funds and has halted all trading operations in a bid to launch a full investigation into the incident.

A map of funds outflow by on-chain sleuth ZachXBT summed Kronos’ losses to over $25 million in Ether. In a follow-up post on X, the company also confirmed that the losses are about $26 million in crypto assets.

Kronos

Funds outflow from Kronos Wallet | Source: X/ZachXBT

In its initial announcement, Kronos revealed that the potential losses are not a significant portion of its equity. Meanwhile, the trading firm said in its latest update that all losses will be covered internally, and no partners will be affected.

Although Kronos has yet to provide an update on its resumption process, the company did say that it aims to resume trading as soon as possible.

This $26 million attack on Kronos Research represents the third most significant crypto theft in November 2023. Before this latest incident, data from blockchain security firm Certik revealed that about $173 million had been lost to crypto attacks in November, with Poloniex’s $113 million hack being the most notable yet.

How Did This Hack Affect WOO X?

Interestingly, Kronos is not the only one affected by this security incident, as WOO X is another cryptocurrency entity that has had to pause its operations momentarily. WOO X is an exchange on which Kronos functions as the market maker for its spot and perpetual futures markets.

In an address on the X platform, WOO X acknowledged Kronos’ security situation and announced a temporary pause on all trading to protect users’ positions from a lack of liquidity. The exchange, however, emphasized that all customer funds are safe.

As of this writing, WOO X has resumed trading in both the spot and perpetual futures markets. Meanwhile, the exchange claims that clients can now make withdrawals for all assets.

Nevertheless, the trading platform has faced some backlash from the online crypto community, with some people pointing to its unclear relationship with Kronos.

Kronos

Cryptocurrency total market cap on the daily timeframe | Source: TOTAL chart on TradingView

Featured image from iStock, chart from TradingView





Source link

Related Topics:
Continue Reading

certik

Pink, Pussy, Venom, Inferno — Drainers coming for a crypto wallet near you

Published

12 months ago

on

July 11, 2023

By


Four major crypto drainers have emerged to fill the vacuum left by the notorious wallet sweeper Monkey Drainer, with thousands of victims targeted and millions in crypto stolen already this year.

The crypto drainers — called Pink Drainer, Inferno Drainer, Pussy Drainer, and Venom Drainer — have together stolen $66.4 million in total since around the start of 2023 according to Dune dashboards complied by Web3 anti-scam platform Scam Sniffer.

Venom Drainer has stolen nearly $27.5 million since February, the most out of the group. Inferno Drainer is second with over $21.2 million stolen since January but has three times the number of victims at nearly 45,800.

Pussy Drainer and Pink Drainer together have been used to steal from over 6,000 victims with $17.5 million in funds pilfered across the two. Monkey Drainer was estimated to have stolen about $13 million worth of digital assets in total during its reign.

Venom Drainer’s stats show the service has stolen, on average, around $1,800 worth from each victim. Source: Dune

Crypto drainers work by having the victim unknowingly agree to a malicious transaction in their crypto wallet that allows a smart contract to transfer out a portion of assets or the entire contents of the wallet, depending on the transaction that was signed.

Scam Sniffer told Cointelegraph that most crypto drainers are rented out to groups undertaking phishing scams and the drainer takes a percentage cut of the loot.

Many operate on this pricing model but some have an additional access fee. Blockchain security firm CertiK explained that Inferno — like many other drainers — “has a 20% commission” while Venom has “introduced an initial $1,000 fee” for first-time users.

Scam Sniffer said some draining services advertise “add-ons” such as including malicious signature requests that emulate popular nonfungible token (NFT) marketplaces such as Blur and X2Y2.

“In the NFT space, there are a lot of protocols that use unreadable signatures like Seaport, Blur and X2Y2,” Scam Sniffer explained. “If the victims have assets on Blur, the drainers could launch particular malicious signatures to steal NFTs approved to trade on Blur.”

Not all drainers are around forever though. According to Scam Sniffer, once the person or people behind a drainer steal a certain amount of funds, they will announce they’re quitting — likely an attempt at staving off law enforcement.

Related: Crypto scams are going to ramp up with the rise of AI

However, it added as one crypto drainer leaves another takes its place “because it’s profitable! […] And no one has been arrested so far.”

The are currently multiple crypto-draining services making the rounds on Telegram. CertiK shared images with Cointelegraph showing other drainers named Angel, Spawn, Whale and Atomic.

In March, the crypto-draining service Monkey Drainer announced they were “shutting down” saying it was “time to move on to something better.”

The person behind Monkey Drainer pointed their “fellow cyber-gangsters” to Venom, touting it as a “flawless” service.

Magazine: Should you ‘orange pill’ children? The case for Bitcoin kids books