Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
FixedFloat DEX Hacked for $26M in BTC and ETH, Loot Already Moved

FixedFloat DEX Hacked for $26M in BTC and ETH, Loot Already Moved

CryptopotatoCryptopotato2024/02/19 08:19
By:Martin YoungMore posts by this author

The decentralized exchange FixedFloat has been exploited for just under $26 million in Bitcoin and Ethereum.

On Feb. 18, the FixedFloat team confirmed that the platform was hacked after blockchain sleuths reported the spurious crypto movements.

“We confirm that there was indeed a hack and theft of funds,” it stated in response to a post on X revealing the exploiter’s address.

However, no further details were provided, with the team stating, “We are not yet ready to make public comments on this matter, as we are working to eliminate all possible vulnerabilities, improve security, and investigate.”

There were no new posts or details on the FixedFloat X account as of early Monday morning on Feb. 19. Moreover, the FixedFloat website was also offline with the message “Technical work is underway, we will be back soon!” at the time of writing.

Looks like @FixedFloat just got exploited for 1700 ETH!

Drainer address: 0x85c4fF99bF0eCb24e02921b0D4b5d336523Fa085

Info by: @reprove pic.twitter.com/XHnHy3CFSs

— Officer’s Notes (@officer_cia) February 18, 2024

Another DEX Exploit

On Feb. 19, blockchain security firm PeckShield reported that around 1,728 ETH worth roughly $4.85 million and 409 BTC worth around $21 million were stolen in the attack.

The hacker has already transferred most of the stolen Ethereum to the eXch exchange, it added.

#PeckShieldAlert #FixedFloat was hacked, resulting in ~1,728 $ETH (worth ~$4.85m) and 409 $BTC (worth ~$21m) stolen. The drainer already transferred most of the stolen $ETH to #eXch on #Ethereum pic.twitter.com/IZKbCclH8v

— PeckShieldAlert (@PeckShieldAlert) February 19, 2024

FixedFloat is a crypto exchange powered by the Bitcoin Lightning network claiming to be completely automated. It facilitates crypto swaps without the need for user registration or know-your-customer (KYC) verification.

Web3 threat researcher ‘Officer’s Notes’ did a little more digging and said that in addition to multiple deposits for eXch, the FixedFloat Drainer also transferred stolen funds to HitBTC.

“Perhaps FixedFloat Drainer thus simply decided to confuse its trail by framing the innocent owner of these deposit addresses,” they theorized.

“Anything is possible. I don’t see any addresses (other than the hacker’s address) that link these 2 HitBTC deposit addresses (when analyzing ETH and token transactions). Most likely, the hacker created only a false trail.”

Due to its anonymous nature, FixedFloat is often used as a coin mixer to obfuscate a transaction trail.

Crypto Exploits Continue

According to the De.Fi Rekt database , there have already been several large crypto exploits and hacks this month.

On Feb. 9, gaming and metaverse platform PlayDapp lost $32 million in an access control exploit.

A few days later, on Feb. 13, Duelbits suffered a similar access control exploit, resulting in a loss of $4.6 million.

You Might Also Like:

  • SIM Swappers Charged Over $400 Million FTX Hack Amid Bankcuptcy Filing
  • Uniswap Scare: CertiK's Hacked Account Spreads False Vulnerability Claim
  • Crypto Hacking Losses Dropped by 51% in 2023, Here's the Total: CertiK
0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!