Nikolas Sargeant
On February 18, the FixedFloat team officially acknowledged the hack following reports from blockchain investigators regarding suspicious crypto transactions.
We confirm that there was indeed a hack and theft of funds," the team responded to a post on X, revealing the exploiter's address. However, specific details remain undisclosed, with the team stating, "We are not yet ready to make public comments on this matter, as we are working to eliminate all possible vulnerabilities, improve security, and investigate.
As of early February 19, there were no new posts on the FixedFloat X account, and the platform's website displayed an offline message: "Technical work is underway, we will be back soon!"
Exploitation Spree: Another DEX Falls Victim
On February 19, blockchain security firm PeckShield disclosed that the attack resulted in the theft of approximately 1,728 ETH (equivalent to $4.85 million) and 409 BTC (around $21 million). Notably, the hacker swiftly transferred most of the pilfered Ethereum to the eXch exchange.
FixedFloat, a crypto exchange utilizing the Bitcoin Lightning network and boasting full automation, facilitates crypto swaps without requiring user registration or know-your-customer (KYC) verification.
Further investigation by web3 threat researcher 'Officer’s Notes' revealed additional deposits to eXch and the transfer of stolen funds to HitBTC. Speculating on the motives, they suggested, "Perhaps FixedFloat Drainer thus simply decided to confuse its trail by framing the innocent owner of these deposit addresses."
Ongoing Crypto Challenges
The De.Fi Rekt database highlights a series of crypto exploits and hacks in the current month. On February 9, PlayDapp, a gaming and metaverse platform, suffered a $32 million loss due to an access control exploit. Just days later, on February 13, Duelbits encountered a similar access control exploit, resulting in a loss of $4.6 million. The cryptocurrency landscape remains vulnerable to persistent threats and breaches.
