Mixin Network hack drains $200M from mainnet assets
Decentralized peer-to-peer network Mixin Network has lost approximately $200 million in a hack involving the compromise of the database of a third-party cloud service provider.
On Sept. 25, Mixin Network confirmed that a hack on Sept. 23 drained approximately $200 million worth of crypto assets from its mainnet. An immediate suspension of all deposit and withdrawal services on Mixin Network followed the revelation.
[Announcement] In the early morning of September 23, 2023 Hong Kong time, the database of Mixin Network’s cloud service provider was attacked by hackers, resulting in the loss of some assets on the mainnet. We have contacted Google and blockchain security company @SlowMist_Team…
— Mixin Kernel (@MixinKernel) September 25, 2023
Mixin Network appointed blockchain investigator SlowMist, as well as Google, to help investigate the hack as the Mixin team attempts a recovery. At the time of the hack, Mixin held $94.48 million in Ether (ETH), $23.55 million in Dai (DAI) and $23.3 million in Bitcoin (BTC), according to a separate investigation conducted by PeckShield. The total portfolio amounted to $141.32 million.
An independent investigation from Web3 SaaS analytics platform 0xScope revealed the hacker’s historical relationship with Mixin Network. In 2022, the address 0x1795 — which has been linked to the hacker — received 5 ETH from Mixin, and was deposited into Binance later.
According to an 0xScope analyst, the hacker converted the Tether (USDT) loot to DAI as a way to prevent any freezing of funds.
An address connected to the recent $200M @MixinKernel #hack received 5 $ETH from the platform last year and deposited 5.9 $ETH on #Binance soon after.Also, the hacker then swapped $USDT for $DAI to avoid being frozen.See how the hackers used addresses in the Mixin attack below pic.twitter.com/x3rfyMAv5W
— 0xScope ( . ) (@ScopeProtocol) September 25, 2023
Deposits and withdrawals on Mixin Network will recommence “once the vulnerabilities are confirmed and fixed.” The plans to recover the lost assets for users were not announced immediately.
While it was initially promised that Mixin founder Feng Xiaodong would explain this incident in a public Mandarin livestream at 1:00 pm Hong Kong Time on Sept 25, links to the livestream were not provided on official social media channels such as X (formerly Twitter) or its official website mixin.network.
Mixin Network did not respond to Cointelegraph’s request for comment by publication.
Related: Remitano exchange hacked for $2.7M; $1.4M frozen by Tether
Ethereum co-founder Vitalik Buterin recently suffered a hack that compromised his social media profile on X.
Buterin confirmed that he fell victim to a SIM swap attack after “someone socially-engineered T-mobile itself to take over my phone number.” SIM swap or sim jacking attacks aim to control the victim’s mobile number and use two-factor authentication to access social media, bank and crypto accounts.
Magazine: ‘AI has killed the industry’: EasyTranslate boss on adapting to change