Stay Informed: Recent Crypto Exchange Exploit Uncovered
Recently, an on-chain analyst discovered suspicious outflows from the Rain cryptocurrency exchange following an exploit on April 29. The exploit led to the transfer of approximately $14.1 million worth of various cryptocurrencies to a new wallet under questionable circumstances. Here’s what you need to know:
Details of the Incident
- ZachXBT, an on-chain analyst, shared information about the exploit via their Telegram channel, highlighting the suspicious outflows from Rain’s Bitcoin, Ethereum, Solana, and XRP wallets.
- The funds from these wallets were swiftly transferred to instant exchanges, converted into Bitcoin and Ethereum, and then moved to two addresses on the Bitcoin and Ethereum networks.
Uncovering the Addresses
Following the trail of the exploited funds, it was discovered that:
- The Ethereum address ending in “6c28” now holds around 1,881 ETH, valued at $5.5 million.
- The Bitcoin address with the suffix “prp2” contains 137.9 BTC, valued at $8.6 million.
Analysis by Arkham Intelligence
Arkham Intelligence data revealed:
- The Ethereum destination address received funds from an address ending in “d609,” which received the funds from various sources.
- These wallets, while not explicitly linked to Rain, were involved in transferring over 590 ETH, 20 billion Shiba Inu, 12,500 Chainlink, $240,000 Tether, and $500,000 USD Coin.
Rain Exchange Background
Rain is a centralized crypto exchange based in Bahrain, catering primarily to customers in Southwest Asia and the Middle East. It has facilitated trading volumes exceeding $1 billion since its inception.
Recent Developments at Rain Exchange
Despite its pivotal role in the region’s crypto scene, Rain has experienced disruptions as:
- The exchange’s “pro” version has been intermittently down since May 5.
- In 2023, Rain obtained approval from Abu Dhabi’s financial regulator to operate as a virtual asset brokerage and custody service provider.
Lazarus Group’s Alleged Involvement in Crypto Laundering
In separate claims, ZachXBT implicated North Korea’s Lazarus Group in laundering over $200 million worth of cryptocurrency into fiat currency over four years. The laundering operation allegedly involved:
- At least $44 million worth of stolen crypto laundered through Paxful and Noones, utilizing specific usernames for transactions.
- The conversion of stolen funds into Tether stablecoin before cashing out, with historical reliance on China-based over-the-counter traders for crypto-to-fiat conversions.
NFT Losses and Industry Hacks
Furthermore, the report highlighted:
- A holder of Bored Ape Yacht Club tokens who lost three rare NFTs, alongside crypto investors losing $2 billion to hacks and exploits in the previous year and the first quarter of this year.
Hot Take: Protecting Your Crypto Assets
As a savvy crypto enthusiast, it’s crucial to stay vigilant about potential exploits and security breaches in the industry. By staying informed and taking proactive measures to secure your assets, you can safeguard your investments from malicious actors seeking to exploit vulnerabilities in the crypto space.
Sources:
– ZachXBT Telegram Channel
– Ethereum Address Details
– Rain Exchange Trading Volumes
– Rain Approval by Abu Dhabi Regulator
– ZachXBT’s Analysis on Crypto Laundering
– Lazarus Group’s Crypto Laundering Activities