Security Concerns Intensify as Fixed Float Experiences Yet Another $2.8 Million Hack
Cryptocurrency exchange FixedFloat has once again fallen victim to a security breach, resulting in the loss of approximately $2.8 million worth of digital assets from its Ethereum chain hot wallet. The breach, reported by CyversAlerts, has left users anxiously awaiting a resolution from the platform.
The stolen funds from FixedFloat’s hot wallet were quickly transferred to a suspicious address, consisting of Ethereum (ETH), tether (USDT), Wrapped Ethereum (WETH), Dai (DAI), and USD Coin (USDC). The hacker then converted these assets into Ethereum on decentralized exchanges before funneling them through the eXch exchange.
Following these unauthorized transactions, operations of the compromised hot wallet were suspended, and the company’s website was taken offline for maintenance, causing further concern among users. To mitigate the impact of the breach, stablecoin issuer Tether blocklisted ten addresses associated with the unauthorized withdrawals, effectively freezing around $400,000 worth of USDT tokens.
This incident marks the second major security breach suffered by FixedFloat. Previously, on February 16, the platform experienced a theft amounting to $26 million. During that attack, the hacker made off with 1728 ETH valued at $4.85 million and an additional 409 BTC valued at $21 million, resulting in total crypto losses of $26 million.
Experts analyzing the stolen assets found that they were distributed among multiple addresses in the Bitcoin chain, while assets from the Ethereum chain were routed to the eXch exchange. It is speculated that the hacker may have gained access to a private key associated with one of the exchange’s addresses.
Upon discovering the latest exploit, FixedFloat confirmed the validity of the hack and identified the same hacker as the culprit behind both the February and current breaches, targeting the Ethereum hot wallet holding coins worth $2.8 million. The team placed blame on a third-party services provider they were using, from whom the hacker exploited a vulnerability. They also emphasized the ongoing efforts to strengthen the security infrastructure.
FixedFloat reassured its customers that only the platform itself suffered financial losses, and user investments and the company’s funds remained secure. The exchange pledged transparency throughout the investigation process and promised to provide updates as the situation unfolds.