Yesterday, the exchange became aware of an attack utilizing compromised private keys obtained through a phishing scheme.
The exploiter successfully drained assets from the ALEX protocol, prompting immediate response measures.
Swift Action and Transparency in Response to Security Breach
The attack targeted one of the vaults associated with ALEX’s liquidity pool, affecting all assets within it. Notably, approximately 13.7 million STX was compromised, with about 3 million STX sent to various centralized exchanges (CEXs).
ALEX has made significant progress in recovering affected assets, including aBTC, sUSDT, xBTC, and xUSD. Also, ALEX, atALEX, LiSTX, LUNR, SKO, CHAX, $B20, ORDG, ORMM, ORNJ, TRIO, TX20, and STXS. Importantly, the smart contract code and underlying infrastructure of ALEX remain uncompromised.
ALEX Security Update
Dear Community,
We want to keep everyone informed about the recent attack and our ongoing efforts to address the situation with ALEX. Yesterday, we became aware of an exploit using compromised private keys obtained via a phishing attack. The exploiter was…— ᛤ ALEX 🟧 THE Finance Layer on Bitcoin ᛤᛤᛤ (@ALEXLabBTC) May 16, 2024
The exchange is actively monitoring the exploiter’s wallets and has informed all relevant CEXs of the situation. All known CEX accounts associated with the exploiter have been frozen. Deposit and withdrawal functions on these exchanges have been halted until further notice. ALEX has implemented multiple alarms to monitor suspected addresses created by the exploiters, aiding efforts to trace stolen funds.
More About ALEX’s Hack
Efforts to recover stolen funds are underway, with a portion already identified and in the process of being recovered from one CEX. ALEX is working closely with other exchanges to facilitate the return of additional funds. The exchange is preparing to file a police report for law enforcement support if the exploiter refuses to cooperate. This is the X post from ALEX’s Co-Founder:
This is an unfortunate situation and here is the full report to all impacted users. Although some haters say we (two "Chinese" women) are not "trustworthy" in all of this, still, a lot of community members, friends, investors sent their goodwill and support.
This is a targetted… https://t.co/DfAk9XQFVb— rachel.btc (@rachel_alexgo) May 16, 2024
ALEX’s swift and transparent response to the exploit demonstrates its commitment to protecting user assets and maintaining trust within the community.
Disclaimer
The information discussed by Altcoin Buzz is not financial advice. This is for educational, entertainment, and informational purposes only. Any information or strategies are thoughts and opinions relevant to the accepted levels of risk tolerance of the writer/reviewers and their risk tolerance may be different than yours. We are not responsible for any losses that you may incur as a result of any investments directly or indirectly related to the information provided. Bitcoin and other cryptocurrencies are high-risk investments so please do your due diligence. Copyright Altcoin Buzz Pte Ltd.