FixedFloat became the latest crypto platform to suffer a hack.
On-chain data shows that a hacker moved around $26 million worth of Bitcoin and Ethereum.
Inside the FixedFloat Hack Incident
The event was first reported on X, after which the FixedFloat team confirmed the situation, citing minor technical problems at first. The FixedFloat team said it is working to identify and resolve all areas of vulnerability following the hack.
Hello,
We confirm that there was indeed a hack and theft of funds. We are not yet ready to make public comments on this matter, as we are working to eliminate all possible vulnerabilities, improve security, and investigate. Our service will be available again soon.
We will…
— FixedFloat⚡️ (@FixedFloat) February 18, 2024
Several FixedFloat users took to X on Feb 17th to complain about frozen transactions and missing funds. More than 1,700 ETH worth about $5 million and over 400 bitcoins worth approximately $21 million had been wiped out of the exchange. It remains unclear how the hacker moved the funds.
The FixedFloat website currently displays an error message. However, the team responded to queries from its users on X, providing clarity on the situation.
You still haven’t responded to my request to lock stolen funds on your platform
— PDIGGAH (@PDIGGY22) February 19, 2024
When asked if the user’s funds were affected, the exchange replied, “Financial losses affected only our service; user funds were not affected. We also want to emphasize that FixedFloat does not perform the functions of a custodial service, that is, it does not store user funds. We will provide more information later.”
Financial losses affected only our service, user funds were not affected. We also want to emphasize that FixedFloat does not perform the functions of a custodial service, that is, it does not store user funds. We will provide more information later.
— FixedFloat⚡️ (@FixedFloat) February 19, 2024
The team recently warned that its site is still under threat. And that it has yet to resume its services. “We have only one domain; all other domains are scammers. Be careful; our service is still under maintenance, and we are not providing services yet,” the team warned.
We have only one domain, all other domains are scammers. Be careful, our service is still under maintenance and we are not providing services yet.
— FixedFloat⚡️ (@FixedFloat) February 20, 2024
What Caused the FixedFloat Hack?
Amidst several theories on what caused the hack, the FixedFloat team has ruled out rumors of an inside job. The team explained in an email that the hack was an external attack “caused by vulnerabilities in our security structure.”
In addition, the team explained that “the problem was in our infrastructure, which was compromised due to flaws and insufficient protection. This allowed the attackers to gain access to some of the functions of our service.”
I placed a swap order for Bitcoin through your website on February 16th, but the transaction was not completed after I paid. Upon contacting support, they stated that the transaction was stopped due to security issues and requested documentation from me via email.
— H Sanikhani (@HSanikhani) February 19, 2024
Speaking in its delayed public statement, the team noted that it did not immediately report the situation because it was “already aware of the incident and immediately began putting our service into maintenance mode to ensure security and minimize losses.”
The exchange added that “at that time, our main focus was on quickly eliminating weaknesses and strengthening overall security, which prevented us from making public statements about what happened.”
Looks like @FixedFloat just got exploited for 1700 ETH!
Drainer address: 0x85c4fF99bF0eCb24e02921b0D4b5d336523Fa085
Info by: @reprove pic.twitter.com/XHnHy3CFSs
— Officer's Notes (@officer_cia) February 18, 2024
What is FixedFloat?
FixedFloat is a crypto exchange that operates without “know your customer” (KYC) anti-money laundering (AML). The absence of KYC procedures makes the exchange appealing to users interested in privacy.
#PeckShieldAlert #FixedFloat was hacked, resulting in ~1,728 $ETH (worth ~$4.85m) and & 409 $BTC (worth ~$21m) stolen. The drainer already transferred most of the stolen $ETH to #eXch on #Ethereum pic.twitter.com/IZKbCclH8v
— PeckShieldAlert (@PeckShieldAlert) February 19, 2024
However, it leaves the platform and its users disadvantaged, as there is little information for an investigation.
FixedFloat is reportedly collaborating with law enforcement, blockchain forensics companies, and cryptocurrency exchanges to track the hackers. In addition, the exchange promised to fulfill all of its payment obligations once it restarted.
Disclaimer
The information discussed by Altcoin Buzz is not financial advice. This is for educational, entertainment and informational purposes only. Any information or strategies are thoughts and opinions relevant to accepted levels of risk tolerance of the writer/reviewers, and their risk tolerance may be different from yours.
We are not responsible for any losses that you may incur as a result of any investments directly or indirectly related to the information provided. Bitcoin and other cryptocurrencies are high-risk investments, so please do your due diligence.
Copyright Altcoin Buzz Pte Ltd.
