Kronos Trading Firm suffers security breach, $25m in losses

Taiwan-based trading firm Kronos Research recently suffered a major security breach, leading to estimated losses of $25 million.

According to the company, the security breach involved the unauthorized access of API keys, leading to a loss of around 13,007 ETH, valued at $25 million at the time.

Kronos disclosed the incident on Nov. 18 via a post on social media.

In the interest of transparencyAround 4 hours ago, we experienced unauthorized access of some of our API keys. We paused all trading while we conduct an investigation. Potential losses are not a significant portion of our equity and we aim to resume trading as soon as possible.

— Kronos Research 🟠 (@ResearchKronos)

The potential losses were not a significant portion of its equity, Kronos explained.

Blockchain researcher ZachXBT identified substantial Ether outflows from a linked wallet, amounting to over $25 million worth of the cryptocurrency.

Sorry should be $25M not $20.3M****

— ZachXBT (@zachxbt)

Woo X, a local centralized exchange associated with Kronos, announced it is temporarily suspending specific trading pairs briefly, to address the liquidity loss but has now resumed spot and perpetual trading, along with withdrawals. 

The exchange assured that client funds remain secure. Kronos continues to investigate the unauthorized access and has not disclosed additional details regarding the extent of losses.

Status update– First and foremost, all client assets are safe– TLDR our largest liquidity provider Kronos Research recently experienced a hack that caused them to pause all trading on WOO X– Since Kronos Research is the primary liquidity provider for spot markets and around…

— WOO X (@_WOO_X)

This incident has prompted concerns regarding the security of cryptocurrency trading firms and the vulnerabilities associated with managing API keys.

Renowned for its involvement in crypto research, marketing, and investment, Kronos Research now grapples with substantial financial repercussions arising from the breach. The unauthorized access event underscores persistent challenges in safeguarding digital assets and emphasizes the critical need for robust security measures within the cryptocurrency trading industry.

As the situation unfolds, organizations are urged to prioritize cybersecurity to effectively mitigate the risk of similar breaches in the future. 

It looks like people are having trouble on ! We’ll update you if we know more!ft: , , , ,

— Smol News (@NewsInSmol)

Security struggles, crypto heists on the rise

In recent months, a slew of significant crypto hacks and scams resulted in losses nearing a billion dollars. 

According to reports from Certik, these incidents were attributed to various factors such as protocol exploits, exit scams, private key exploits, and oracle manipulation. 

One notable event was the Mixin Network exploit in Sept. 2023, causing a $200 million loss and marking it as the most substantial exploit of the year. Furthermore, cybercriminals targeted, leading to a $735 million loss and placing it among the ten biggest hacks of the year. 

A total of ~$41M worth of cryptos were drained from , with ~$15.7M on (9.62K ), ~$7.85M on (14.24M ), and $17.75M on (82.65K )

— PeckShieldAlert (@PeckShieldAlert)

The top 10 hacks in 2023 accounted for 84% of the total stolen amount, with over $620 million taken in those attacks alone.

DefiLlama data reveals that cybercriminals have inflicted losses exceeding $735 million on crypto companies and defi protocols through 69 hacks in 2023. With three months remaining in the year, 2023 appears to fare better than 2022, which witnessed hackers making off with over $3.2 billion across 60 hacks.

These incidents underscore the persistent challenges in securing digital assets and highlight the urgent need for enhanced security measures within the cryptocurrency industry, emphasizing the critical importance of robust security protocols to safeguard digital assets.

Read More

2023-11-19 18:19