Decentralized platforms and payment systems have revolutionized the finance world. However, as years pass, there’s been a growing issue of major hacks and security breaches. It’s become a multi-billion dollar business, and Mixin Network reports they’re the most recent victim. A significant security breach leaves Mixin Network, a prominent peer-to-peer network, $200 million in debt due to a hack involving the compromise of a third-party cloud service provider’s database. The incident occurred on September 23 and many are tying the hack to another Darknet Hacking group.
Mixin Network Hacked
Mixin Network, a platform that garnered investments and endorsements from renowned Chinese Key Opinion Leader Li Xiaolai, had become a cornerstone in the cryptocurrency ecosystem. With support for 48 public blockchains and a total network asset value surpassing $1 billion, it seemed to have a bright future. However, the recent security leaves them in a difficult place.
On September 23, 2023, Mixin Network fell victim to a major hack. The hackers managed to funnel nearly $200 million dollars worth of cryptocurrencies in the form of various tokens. According to Mixin Network, who swiftly paused all services until they could resolve the security flaw, the hackers in question found a vulnerability using one of Mixin’s third-party cloud service provider’s database. They have yet to confirm which one. The P2P tooling platform suspended all deposit and withdrawal services, leaving its users and investors concerned about the safety of their digital assets.
On September 25, Mixin Network confirmed the devastating impact of the hack, which drained almost all the cryptocurrency assets from its main net.
“In the early morning of September 23, the database of Mixin Network’s cloud service provider was attacked by hackers, resulting in the loss of some assets on the mainnet. The funds involved are approximately US$200 million.”
Difficult Road To Recovery
In an effort to address the situation and initiate a recovery effort, Mixin Network enlisted the expertise of blockchain investigator SlowMist and technology giant Google. The idea behind such a collaborative effort aims to not only investigate the breach but also to take measures to prevent future security lapses.
At the time of the hack, Mixin Network held a substantial amount of assets, including
- $94.48 million in Ether (ETH)
- $23.55 million in Dai (DAI)
- $23.3 million in Bitcoin (BTC).
- Over $40 million in other currencies.
At this point, the crypto community affected by the hack are sitting ducks, waiting on news of how Mixin Network plans to recover the lost assets for its users. At the time of this announcement, the platform had not provided details about its recovery strategy. It was initially promised that Mixin founder Feng Xiaodong would explain the incident in a public Mandarin live stream at 1:00 pm Hong Kong Time on September 25, yet links to the live stream weren’t provided.
“Regarding how to deal with the lost assets, the Mixin team will announce the solution afterward. Mixin founder Feng Xiaodong will explain this incident in a public Mandarin livestream at 13:00 HKT on September 25, 2023. Please help spread the word.”
While some might accept this as proof that the team are too busy with more important things to adhere to, others are finding it frustrating and sloppy. Many are simply wondering what actually happened here. The most common theory is that the Darknet group Lazarus strikes again.
Crypto-based Hacks Increase
During 2021’s amazing bull run, major hacks as such were common, and over $2 Billion dollars of funds were funnelled away from users and platforms alike. In 2023, we’re seeing that trend return slowly but surely.
Just last week, Ethereum co-founder Vitalik Buterin found himself in shambles as he’d realized he’d lost all access to his Twitter account. The suspect managed to perform a Sim Swap with Vitalik’s own T-mobile account, giving access to his 2FA codes. This compromised more than just a Twitter account and included bank accounts and crypto holdings.
Earlier this month, we reported on another hack, which the FBI confirmed was compilled by the Darknet-North Korean Hacking group “Lazarus.” The hacking group escaped with over $41 million taken from Stake.com, the most popular crypto casino out there. The breach was believed to be caused by a “key leak,” which granted hackers access to the platform’s ETH, Polygon, and BSC hot wallets.
This unfortunate incident with Mixin Network serves as a stark reminder of the ongoing security challenges within the cryptocurrency industry. Even well-established platforms like Mixin Network are susceptible to vulnerabilities. Its why we push the “not your keys, not your money“ narrative. Whether it’s a darknet marketplace that holds some on-site wallet, or a top-tier crypto platform, if you aren’t using it, store your funds in a private wallet.