Kronos Research Loses $25 Million After API Keys Compromise
Please note that we are not authorised to provide any investment advice. The content on this page is for information purposes only.
In another latest round of crypto hacks, Kronos Research has been massively hit by unknown cybercriminals. The quantitative trading firm reportedly lost $25 million through a few of its compromised API keys.
Investigation Ongoing
Technology and science-driven trading firm Kronos Research is the latest victim of a cryptocurrency platform attack.
Making an official statement on November 19 on its X (formerly Twitter) handle, the Taipei-based quantitative trading platform stated that it experienced unauthorized access to some of its application programming interface (API) keys.
Given this, all trading activities on Kronos Research were paused in order to conduct an extensive investigation.
In the interest of transparency
Around 4 hours ago, we experienced unauthorized access of some of our API keys. We paused all trading while we conduct an investigation. Potential losses are not a significant portion of our equity and we aim to resume trading as soon as possible.— Kronos Research 🟠 (@ResearchKronos) November 18, 2023
Ending its remarks, the trading platform revealed that potential losses are not a significant part of its equity, meaning that investors’ digital funds are covered. It plans to resume trading as soon as the ongoing investigation is concluded.
While Kronos Research has remained coy on how much losses it suffered from the attack, blockchain sleuth ZachXBT has provided better context on the cryptocurrency platform hack.
According to a snapshot from the Ethereum search engine platform, Etherscan, Kronos Research was hacked for $25 million. The Ether value is estimated at 12,800 tokens, which have mysteriously vanished from the trading platform.
According to ZachXBT, the malicious actor reportedly moved the funds from the Kronos Research account to six unique crypto wallet addresses created for that unique purpose.
This fund transfer was done in six separate transactions, with the least worth 4.93 ETH. The other five transactions saw 2,507.52, 2540, 2540, 2636, and 2780 Ethereum tokens leaving the Kronos Research platform within minutes of the platform hack.
Looks possibly like $20.3M+ (12800+ ETH)
0x2b0502FDab4e221dcD492c058255D2073d50A3ae pic.twitter.com/sLnFA0VXhk
— ZachXBT (@zachxbt) November 18, 2023
Meanwhile, Kronos Research is not the only platform targeted by malicious actors. Fellow blockchain platform Poloniex exchange got hacked for $114 million.
The identification of the hacker behind the #Poloniex hack is a major development in the ongoing investigation into this high-profile cybercrime. With this newfound knowledge, #Poloniex and law enforcement agencies can now focus their efforts on tracking down the perpetrator and… pic.twitter.com/o5wcviDJ9w
— Catherine.eth (❤️.❤️) XXX (@catherinedefi) November 19, 2023
The centralized cryptocurrency trading platform has recently come out to reveal that the cybercriminal has been identified. However, it said it would give the individual seven days to return the funds in exchange for $10 million to identify the critical loopholes.
Crypto Losses Skyrocket in Third Quarter
The cryptocurrency market has grappled with regulatory uncertainties and a significant cyberattack surge.
The nascent industry is renowned for its innovative financial solutions, which have rendered several legacy-backed financial institutions obsolete. However, insecurity has been rife in the emerging ecosystem.
Shedding light on a heatedly debated topic, Immunefi’s Crypto Losses report for the third quarter of 2023 showed that over $685 million was reportedly lost in the Web3 ecosystem in the stated period.
Of that lot, $662 million was lost to cyberattacks, and this was captured across 47 separate incidents. The remaining $22 million plus was recorded in 27 specific fraudulent incidents.
The total figure of $685 million represents a 59.9% increase from over $428 million recorded from the same period in 2022.
According to the blockchain security platform Immunefi, a total of 76 incidents were documented, resulting in losses amounting to a jaw-dropping $686 million.
This, compared to the same period in 2022, is a cause for concern within the crypto and Web 3.0 communities pic.twitter.com/yTvB2hn4YL
— Strike Security (@strike_secure) November 15, 2023
Zooming in on the significant losses, Immunefi noted that the Mixin and Multi Chain networks exploit represented the largest losses of the entire Web3 ecosystem in the third quarter of 2023. The two blockchain protocols reportedly lost $326 million combined, representing 47.5% of the total value.
Continuing a rather unsavory award for the most crypto hacks, the North Korea-backed anonymous cyber threat group Lazarus pocketed $208.6 million from the list of total exploits. This figure represents 30% of the total losses.
The state-backed Lazarus Group also launched cyber attacks on crypto exchanges and blockchain platforms like CoinEx, Alphapo, Stake, and CoinsPaid.
