Link copied 
FixedFloat, a decentralized cryptocurrency exchange known for its automated platform that facilitates crypto swaps without the need for user registration or Know Your Customer (KYC) verifications, has been rocked by a significant exploitation, resulting in losses estimated at $26 million worth of Bitcoin and Ether.
The breach was detected through meticulous analysis of on-chain data.
Confirmation of the attack came swiftly from the exchange's team, who responded shortly after reports surfaced on X (formerly Twitter). Initially, the team attributed the sudden outflows to "minor technical issues" and promptly shifted their services to maintenance mode to contain the situation.
User Reports and On-chain Data
User reports started flooding in on February 17, detailing frozen transactions and funds mysteriously vanishing from accounts on the exchange's X page.
On-chain analysis further corroborated these claims, revealing a significant drain on February 18, with over 400 Bitcoin, valued at approximately $21 million, and more than 1,700 Ether, worth nearly $5 million, being siphoned off.
According to Coin Telegraph, visitors attempting to access the exchange's website were greeted with error messages on all pages, signaling widespread disruption and compounding the concerns of users.
About FixedFloat and Cybersecurity Challenges
FixedFloat, with its no-registration-required approach, has garnered a significant user base, with approximately 26% of its web traffic originating from users in the United States. Notably, the exchange has integrated with the Lightning Network for Bitcoin transactions, aiming to enhance transaction speed and scalability.
However, the incident underscores the persistent cybersecurity challenges faced by crypto projects. Beyond FixedFloat, the broader crypto ecosystem continues to grapple with threats. For instance, the Solana ecosystem has faced vulnerabilities from scam-as-a-service marketplaces offering tools capable of executing sophisticated attacks, such as bit-flip attacks.
According to Daily Coin, the resurgence of ransomware payments in 2023, mainly targeting high-profile institutions and critical infrastructure, has been flagged by cybersecurity experts.
A recent report by Chainalysis revealed that criminal entities amassed a staggering $1 billion in profits last year through supply chain attacks, illustrating the scale and sophistication of modern cyber threats within the crypto space.
Photo: Microsoft Bing
