In a significant security breach within the cryptocurrency trading sector, Kronos Research, a Taiwanese quantitative trading firm, fell victim to a hack resulting in the loss of over $25 million.
Behind the Breach
The breach was initiated through unauthorised access to some of Kronos Research's API keys. The root cause is still unknown, but a common vector of compromise is targeted phishing. The hacker utilised these compromised keys to execute transactions that drained funds from Kronos Research accounts across multiple exchanges. From OKX and BTSE, the funds were transferred directly to the hacker's addresses; from Binance and Deecoin, they moved from centralised exchange (CEX) wallets via Kronos' address to the hacker.
The attacker employed a strategy of dispersing tokens among various addresses on Ethereum, which were then used to swap out tokens to ETH or further disperse them to new addresses. The largest asset losses included substantial amounts of Ethereum (ETH) and other cryptocurrencies, with the total damage estimated to be around $25 million.
Response and Recovery Efforts
Following the attack, Kronos Research disclosed the incident via a post on social media and promptly halted its trading services on the platform. The firm is currently conducting internal investigations to identify the perpetrator and recover the stolen assets. Despite the significant loss, Kronos Research declared that the amount stolen wasn’t a critical part of the company’s assets and expressed commitment to resuming normal operations as quickly as possible.
Lessons from the Incident
This incident underscores the critical importance of securing API keys in the cryptocurrency world. It's often assumed that Web3 is only affected by Web3-native vulnerabilities, but hacks like these show that Web2 security is a crucial aspect of any Web3 project's success.
Rivanorth is a global boutique Web3 cybersecurity company. We specialise in smart contract audits and blockchain security advisory. Visit rivanorth.com to find out more.