cryptopolitan.com
A crypto wallet associated with Binance has fallen prey to a sophisticated heist. The theft, totaling $27 million, was primarily in Tether stablecoins (USDT). Notably, the breach was unearthed by renowned blockchain detective ZachXBT.
The path of the stolen funds
The stolen funds were initially converted into Ethereum (ETH) through multiple protocols, including Fixed Float. Subsequently, these were then transferred to Bitcoin via the THORChain network.
According to ZachXBT’s meticulous analysis, the wallet received these funds from a Binance withdrawal just a week prior. Moreover, in May 2019, the same wallet reportedly received transactions from an address marked by Etherscan as a Binance smart contract deployer. This detail adds another layer to the ongoing investigation.
It appears someone had 27M USDT stolen yesterday.
— ZachXBT (@zachxbt) November 12, 2023
0x0f2183c8e415e61b4ad7774bf1097019eb2d5b85798a2a229070495131d60321
USDT was quickly swapped for ETH, then transferred to a number of services (FixedFloat, ChangeNow, etc), and bridged to Bitcoin via THORChain. pic.twitter.com/SgEBwyZZSc
The alleged attack took place yesterday, catching the crypto community off guard. It drained the wallet of its substantial USDT holdings, raising concerns about security measures.
Cyber attacks in the crypto industry
This incident raises significant concerns regarding the security of digital assets. The ease with which the funds were diverted and laundered through various channels calls for reassessing current safeguards in the crypto space. Binance hasn’t given an update concerning these funds as of now.
The crypto industry is no stranger to such breaches. Cryptopolitan reported yesterday that hackers are exploiting Ethereum’s CREATE2 opcode— which was meant to pre-determine contract addresses— for fraud and other illicit activities. This resulted in significant financial losses, with one user losing $927,000 worth of GMX tokens.
Also, Raft, a decentralized finance (DeFi) platform, was the target of a hack that resulted in the loss of around $3.3 million worth of ether (ETH). However, the attempt by the attacker to steal the funds led to an unexpected net loss of about 1,577 ETH from Raft.
In the Web3 Security Quarterly report for Q3 2023, Certik highlighted that this quarter has been the most eventful regarding security incidents, with a total loss of over $699 million across 184 incidents. This amount is significantly higher than the previous two quarters’ combined losses, which amounted to $320 million in Q1 and $313 million in Q2.