The FixedFloat Hack: How a Decentralized Application Suffered a $26 Million Attack in BTC and ETH
A few days ago, the decentralized non-KYC application FixedFloat was hacked, resulting in losses of 26 million dollars. According to the auditing and blockchain analysis company PeckShield, a total of 1728 ETH and 409 BTC were stolen, and some of the money was laundered through decentralized mixers and coinjoin transactions. FixedFloat assured that user funds are secure, and the hack did not affect the financial stability of the crypto exchange application.
Decentralized Application Losses
On Saturday, February 17th, FixedFloat was hacked, resulting in losses of 26 million dollars in BTC and ETH. Users reported frozen transactions and missing funds. Although it’s not clear how the attack occurred, FixedFloat stated that it was a small technical issue at the time of the incident. The platform remains inactive and in maintenance mode but will be reopened when it’s safe to use.
- Losses totaling $26 million
- Users reported frozen transactions
- Platform remains inactive
Vulnerability in FixedFloat’s Structure
The decentralized exchange is known for its non-KYC services which do not require registration under the classic “Know Your Customer” procedure. The characteristic of anonymity favored the hacker attack as no personal data was required to access the application.
Theft Details
- The theft amounts to precisely 1728 ETH worth $4.85 million and 409 BTC worth almost $21 million.
- Most of the ether has been transferred to decentralized exchanges on Ethereum blockchain.
- FixedFloat is working with law enforcement and blockchain forensic companies to track down the hackers.
Recycling Stolen BTC Through Coinjoin Operation
The BTC stolen from FixedFloat are about to be recycled through coinjoin transactions, making it difficult to determine which addresses have spent which amount. Part of the stolen funds has flowed into an address linked to Whirpool application that implements an advanced privacy system.
Coinjoin Transactions Details
- Coinjoin combines several BTC payments into a single transaction for increased privacy.
- Hacker exploited a mixer similar to coinjoin where some BTC have already been exchanged.
- 166 out of the 409 BTC have passed through Whirpool mixer.
Tweets on Incident
Crypto Environments & Decrease in Hacks
Incidents like this are common in cryptographic environments, especially in non-KYC ones that protect hacker anonymity. Despite numerous incidents recorded in 2023, hacks and exploits are decreasing compared to previous years. Overall, the value of hacked funds has decreased by about 54.3% compared to 2022.
Tweets on Incident
A few days ago, the decentralized non-KYC application FixedFloat suffered a hack attack on its infrastructure, resulting in losses of 26 million dollars.
By
By
By
By
By