The cryptocurrency community was taken aback by the recent announcement from Mixin Network about a security breach that resulted in a loss of approximately $200 million. The Hong Kong-based project, which claims to be decentralised, has been under scrutiny following the incident. Here's a detailed look into the hack and the addresses involved:
Behind the Breach
On the morning of September 23, Mixin Network announced a significant loss due to an attack that had taken place the previous Saturday. The company later informed its users via a live stream that only 50% of their assets were guaranteed. This revelation has raised eyebrows, especially since an English summary of the livestream, which was promised in the initial announcement, is yet to be published.
Centralization Concerns: Despite Mixin Network's claims of being decentralized, the losses have been attributed to a hacked third-party database.
Attacker Addresses: The following addresses have been identified in connection with the hack:
0x52E86988bd07447C596e9B0C7765F8500113104c - Received 60k ETH ($94M)
0x3B5fb9d9da3546e9CE6E5AA3CCEca14C8D20041e - Received USDT, swapped to DAI ($23.5M)
0xB5d631A74AD9c9efcF96d6e9e2fAbcB75C67Eafa - Used to disperse ETH to victim addresses for gas to transfer USDT
bc1qq7uefmz6nng5c4dzs9mwrxxyh9sxg5cjg85hes - Received 891 BTC ($23M)
These transactions suggest a potential leak of Mixin’s private keys held in the database.
Lessons from the Incident
At this early stage of the investigation, it is clear that storing private keys in a centralised database is an absolute no-go, as this is a single point of failure with devastating consequences.
Rivanorth is a global boutique Web3 cybersecurity company. We specialise in smart contract audits and blockchain security advisory. Visit https://rivanorth.com/ to find out more.
You build the future. We help you secure it.