Crypto exchange FixedFloat reportedly suffers $26m hacker attack

Automatic decentralized crypto exchange FixedFloat seemingly suffered a multi-million hacker attack, resulting in a loss of Bitcoin and Ethereum.

In an X post on Feb. 18, the FixedFloat team addressed the issue after it was first reported by blockchain researcher @reprove. While the details regarding the nature of the hack remain undisclosed, the developers characterized it as a “minor problem.” Despite this, the acknowledged a loss of at least 1,700 Ethereum (ETH), valued at approximately $4.7 million at the time of writing.

The incident has sparked speculation regarding the potential involvement of FixedFloat developers in the theft, with some suggesting that an insider might have been behind the breach. For instance, @reprove hinted at this possibility, implying that a developer could have taken off with the stolen crypto. However, FixedFloat has yet to release any additional statements or updates beyond their initial disclosure.

The total sum of the stolen funds might be way bigger, as analysts at blockchain security firm CertiK say the hacker also drained more than $21 million worth of Bitcoin (BTC). As per the firm, the funds stolen on Ethereum have already been transferred through eXch, a smart contract for swapping tokens.

At the same time, part of the stolen funds in Bitcoin have reportedly been sent to Samourai Wallet to use CoinJoin transactions, a method of combining multiple payments from different spenders into a single transaction as a way of mixing funds.

Established in 2019, FixedFloat operates as a non-custodial cryptocurrency exchange supporting Ethereum and Bitcoin transactions, including those facilitated through the Lightning Network. Notably, earlier this month, analysts at Forta Network found out that FixedFloat had been involved in financing over 23% of flash loan attacks, underscoring the platform’s recent prominence within the crypto ecosystem.