On-chain data reveals a significant security breach confirmed by the exchange team after initial reports.

In a major blow to decentralized crypto exchange FixedFloat, on-chain data indicates an exploit resulting in losses of at least $26 million in Bitcoin and Ether.

The exchange team officially acknowledged the security breach, confirming reports that initially surfaced on X (formerly Twitter) just hours prior. Initially dismissing the situation as "minor technical problems," the team swiftly transitioned its services into maintenance mode.

Complaints from users on the exchange's X page have surged since February 17, citing frozen transactions and missing funds. On-chain records detail a drain of over 400 Bitcoin valued at around $21 million and over 1,700 Ether, nearing $5 million, on February 18.

The exact method employed in the attack remains unclear, prompting the exchange team to delve into a comprehensive investigation of the security incident. In an official statement, they commented:

"We confirm that there was indeed a hack and theft of funds. We are not yet ready to make public comments on this matter, as we are working to eliminate all possible vulnerabilities, improve security, and investigate. Our service will be available again soon. We will provide details on this case a little later."

Compounding the situation, the exchange's website currently displays an error message across all pages.

FixedFloat, known for its automated crypto exchange model that sidesteps user registration and Know Your Customer (KYC) verifications, has approximately 26% of its web traffic originating from the United States, as per SEMrush data. Notably, the exchange integrates with the Lightning Network for Bitcoin transactions.

The incident highlights the persistent challenge of on-chain cybersecurity within the crypto space. Platforms like the Solana ecosystem have faced threats from scam-as-a-service marketplaces offering drainers capable of executing bit-flip attacks.

Chainalysis, a blockchain analytics firm, underscored the resurgence of ransomware payments in 2023, particularly targeting high-profile institutions and critical infrastructure. A recent report revealed that criminals reaped a record-breaking $1 billion through supply chain attacks last year, spanning individuals, small criminal groups, and large syndicates.

(Photo Source / Blockonome)