Despite the recent downtrend in the cryptocurrency market, crypto hackers and malicious actors continue to target cryptocurrency exchanges around the globe. The most recent victim of cyberattackers is Mixin, a Hong Kong-based cryptocurrency exchange.
Today, Mixin announced on X (formerly Twitter) that hackers had successfully executed an attack resulting in the theft of approximately $200 million, marking what experts believe to be the largest cryptocurrency heist of the year.
“[Announcement] In the early morning of September 23, 2023 Hong Kong time, the database of Mixin Network’s cloud service provider was attacked by hackers, resulting in the loss of some assets on the mainnet. We have contacted Google and blockchain security company @SlowMist_Team to assist with the investigation. After initial verification, the funds involved are approximately US$200 million,” Mixin said on X.
The company also added, “Deposit and withdrawal services on Mixin Network have been temporarily suspended. After discussion and consensus among all nodes, these services will be reopened once the vulnerabilities are confirmed and fixed. During this period, transfers are not affected.”
[Announcement] In the early morning of September 23, 2023 Hong Kong time, the database of Mixin Network\\\’s cloud service provider was attacked by hackers, resulting in the loss of some assets on the mainnet. We have contacted Google and blockchain security company @SlowMist_Team…
— Mixin Kernel (@MixinKernel) September 25, 2023
In a statement, Mixin explained that the breach occurred when hackers targeted the database of their network’s cloud service provider. This unfortunate incident led to the loss of a substantial amount of assets, estimated at around $200 million. It’s worth noting that Mixin Network is a cross-chain project known for its unique feature of zero transaction fees.
In its official announcement, Mixin Network added that the security breach took place within the infrastructure of its cloud service provider. The disclosure has raised eyebrows among cybersecurity experts, given that Mixin Network is designed as a decentralized platform, implying that it should not rely on a centralized cloud database, which would make it vulnerable to such attacks.
Mixin is a platform that facilitates the transfer of digital assets and claims to have a user base of one million, according to information available on its website.
In response to this security breach, Mixin Network said it has taken swift action by temporarily halting both deposits and withdrawals. Addressing the lost assets, the Mixin team said it would release details of the solution at a later time. The founder of Mixin, Feng Xiaodong, is scheduled to discuss this incident in a public Mandarin livestream at 13:00 HKT on September 25, 2023.
“Regarding how to deal with the lost assets, the Mixin team will announce the solution afterward. Mixin founder Feng Xiaodong will explain this incident in a public Mandarin livestream at 13:00 HKT on September 25, 2023.”
Mixin said that its team is committed to minimizing losses and extends a sincere apology for any inconveniences caused. They express deep gratitude for the continuous support from all users.
The company added that it is committed to compensating affected users, promising to reimburse them for “up to a maximum of 50%” of the assets that were stolen. Furthermore, users impacted by this incident will receive “tokenized liability claims,” essentially IOUs, as part of the compensation plan.
Last year, hackers stole $570 million from Binance-linked blockchain BNB Chain in one of the largest crypto hacks in history. Discussing the timeline of events, BNB Chain said the exploit affected its native cross-chain bridge between BNB Beacon Chain (BEP2) and BNB Smart Chain (BEP20 or BSC), known as “BSC Token Hub.” A total of 2 million BNB was withdrawn. “The exploit was through a sophisticated forging of the low-level proof into one common library,” the company said in a statement.
Blockchain bridges are used in transferring cryptocurrencies across different blockchain networks and have become tools of choice for hackers. In recent years, criminals have also increasingly targeted blockchain bridges, with about $2 billion stolen in 13 different hacks, mostly this year, according to a report by blockchain research firm Chainalysis.