Deribit - REKT
Deribit, the “World's biggest Bitcoin and Ethereum Options Exchange” has lost $28M from their hot wallets on the Ethereum and Bitcoin networks.
The official announcement stated that the loss will be covered by company reserves and that they keep “99% of our user funds in cold storage to limit the impact of these type of events”.
Withdrawals were temporarily suspended, with a later update informing users that on-chain deposit addresses for BTC, ETH and USDC will have to be regenerated, and previous deposit addresses will no longer be valid.
As with all cases of “compromised keys”, only insiders can say for certain what caused the breach, but if it was due to a phishing attack, then of course we have our usual suspects…
Deribit lost roughly equal amounts across the two chains. The Ethereum hot wallet lost 6968 ETH and 3.4M USDC and the Bitcoin hot wallet lost 691 BTC.
Attacker’s ETH address: 0xb0606f433496bf66338b8ad6b6d51fc4d84a44cd
Attacker’s BTC address: bc1qw5g8lw4kzltpdcraehy2dt6dqda8080xd6vhl4kg4wwsypwerg9s3x6pvk
Funds still remain in the attacker’s addresses, potentially offering some hope for a bounty settlement.
Perhaps this is a good time to test out SBF’s recently proposed 5:5 bounty standard ($1.4M in this case).
Let’s see if the attacker prefers $1.4M or $28M…
Just under a year ago, a string of high-profile CEX hacks saw enormous amounts of money lost from compromised hot wallets: Bitmart ($196M), Ascendex ($78M), Crypto.com ($34M).
Then, a switch in focus towards bridge hacks saw our leaderboard fill up with names such as Ronin, BNB, Wormhole, Nomad and Harmony, some of which were confirmed to be carried out by North Korea’s state sponsored hackers, the Lazarus Group.
If they also carried out this phishing attack, then Deribit will not be getting their funds back.
When you consider how North Korea spends their money, then the consequences of these attacks seem much more serious.
How much of the $5.2B listed on our leaderboard has gone to state-sponsored attackers?
We may never know for certain.
Deribit takes #32.
REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.
donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C
REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.
you might also like...
Crypto.com - REKT
Another CEX rekt, but they have yet to admit it. ~$33.7M taken, hundreds of users affected, and Crypto.com are still claiming that "funds are safe".
LCX - REKT
Nothing to see here… Another CEX rekt, $7.94M stolen. The USP of centralised finance grows smaller by the day.
Vulcan Forged - REKT
Four cases in ten days. $140M gone from Vulcan Forged. "Compromised keys" are so hot right now.