Kronos Research - REKT

Deja-vu, anyone?
Market maker Kronos Research lost $26M over the weekend, leading to liquidity issues on closely-associated CEX, Woo X.
The Taiwan-based trading firm admitted to having suffered an attack via “unauthorized access of some of our API keys”.
A later update confirmed the amount lost, adding “despite it being a sizable amount, Kronos remains in good standing. All losses will be covered internally, no partners will be affected”.
According to Woo X, Kronos was the exchange’s largest LP, so when their trading was halted following the hack, Woo X decided to pause markets in order to “protect users positions from a lack of liquidity”.
Users were not happy.
A market maker taking heavy losses and disrupting their partner exchange…
…where have we heard that before?

Credit: X-explore
Kronos Research accounts on four exchanges (across ETH and BSC) began to be drained at approximately 5PM UTC on Saturday.
As well as being transferred directly to the hacker’s address (from OKX and BTSE), funds flowed from CEX wallets, via Kronos’ address and then to the hacker (from Binance and Deeocoin). This was likely due to whitelist restrictions on the addresses to which CEX withdrawals could be made.
Attacker address: 0x2b0502FDab4e221dcD492c058255D2073d50A3ae
A full breakdown of the assets, exchanges and chains can be seen in the flowchart below:


This is not the first time Kronos has had issues, as reported in August:
Two engineers who were dissatisfied with the unpaid bonus tampered with the code of the crypto quantitative trading team Kronos Research before leaving, causing the company to lose $1.4m
Nor is it the first time API leaks have led to losses from CEX accounts.
But perhaps the most interesting aspect of this story is the eerily familiar relationship between Kronos and Woo X.
Have users learned nothing from last November?
Previously boasting of an Alameda/FTX/FTT type setup while half-heartedly claiming to be credibly separate entities…
With so much in common with the drama that marked the lowest point of the bear market, perhaps we’re coming full circle.
We all know crypto is cyclical.
So this must mean we're back, right?

REKT sirve como plataforma pública para autores anónimos, nos deslindamos de la responsabilidad por las opiniones y contenidos alojados en REKT.
dona (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C
aviso legal:
REKT no es responsable ni culpable de ninguna manera por cualquier Contenido publicado en nuestro Sitio Web o en conexión con nuestros Servicios, sin importar si fueron publicados o causados por Autores ANÓN de nuestro Sitio Web, o por REKT. Aunque determinamos reglas para la conducta y publicaciones de los Autores ANÓN, no controlamos y no somos responsables por cualquier contenido ofensivo, inapropiado, obsceno, ilegal o de cualquier forma objetable, que se pudiera encontrar en nuestro Sitio Web o Servicios. REKT no es responsable por la conducta, en línea o fuera de línea, de cualquier usuario de nuestro Sitio Web o Servicios.
te podría gustar...
Woo X - Rekt
$14 million lost on WOO X when a phishing attack compromised a team member's device, giving hackers access to wallets across multiple blockchains. Third strike for WOO ecosystem after $25 million Kronos and $8.5 million WooFi breaches - turning their best-in-class security into a joke.
Tapioca DAO - Rekt
Another day, another private key theft, another protocol rekt. Tapioca DAO on Arbitrum suffers a roughly $4.4 million loss in a private key compromise. Some funds have been recovered, though the full extent of the damage remains to be seen.
Radiant Capital - Rekt II
Radiant Capital gets a $53M haircut. Thought multi-sigs were safe? Think again. Radiant's "robust" 3/11 setup crumbled like a house of cards. Exploited twice in 2024, the future of Radiant looks about as bright as a black hole.