Automatic decentralized crypto exchange FixedFloat seemingly suffered a multi-million hacker attack, resulting in a loss of Bitcoin and Ethereum.
In an X post on Feb. 18, the FixedFloat team addressed the issue after it was first reported by blockchain researcher @reprove. While the details regarding the nature of the hack remain undisclosed, the developers characterized it as a “minor problem.” Despite this, the acknowledged a loss of at least 1,700 Ethereum (ETH), valued at approximately $4.7 million at the time of writing.
, @FixedFloat just got exploited/the developer ran away with 1700 ETH yesterday, and the team is calling it "some minor technical problem" — crazy 😂
— 0xJosh (@reprove) February 18, 2024
Drainer address: 0x85c4fF99bF0eCb24e02921b0D4b5d336523Fa085 pic.twitter.com/EOS7faWUyP
The incident has sparked speculation regarding the potential involvement of FixedFloat developers in the theft, with some suggesting that an insider might have been behind the breach. For instance, @reprove hinted at this possibility, implying that a developer could have taken off with the stolen crypto. However, FixedFloat has yet to release any additional statements or updates beyond their initial disclosure.
#CertiKSkynetAlert 🚨
— CertiK Alert (@CertiKAlert) February 18, 2024
On 16 Feb @FixedFloat was exploited leading to a loss of ~$26m
~$4.8m on Ethereum and ~$21.1m on BTC
Funds on Ethereum have been transferred through eXch pic.twitter.com/ShKFSGmcWG
The total sum of the stolen funds might be way bigger, as analysts at blockchain security firm CertiK say the hacker also drained more than $21 million worth of Bitcoin (BTC). As per the firm, the funds stolen on Ethereum have already been transferred through eXch, a smart contract for swapping tokens.
Part of the stolen funds(166.1 BTC) on Bitcoin were sent to Samourai Wallet to use Coinjoin transactions. pic.twitter.com/pro8m9WNXg
— Evgenii| BLIN Analytics (@CryptoEvgen) February 18, 2024
At the same time, part of the stolen funds in Bitcoin have reportedly been sent to Samourai Wallet to use CoinJoin transactions, a method of combining multiple payments from different spenders into a single transaction as a way of mixing funds.
Established in 2019, FixedFloat operates as a non-custodial cryptocurrency exchange supporting Ethereum and Bitcoin transactions, including those facilitated through the Lightning Network. Notably, earlier this month, analysts at Forta Network found out that FixedFloat had been involved in financing over 23% of flash loan attacks, underscoring the platform’s recent prominence within the crypto ecosystem.