Overview
Crypto sleuth ZachXBT has uncovered an exploit involving Australian crypto platform CoinSpot. The platform allegedly suffered a loss of over $2 million worth of Ether. This incident highlights the vulnerability of crypto platforms to cyberattacks and the importance of robust security measures.
Attack Details
According to a Telegram post by ZachXBT, the attackers were able to drain funds from CoinSpot’s hot wallet using two separate transactions. The first transaction involved 1,262 ETH, while the second transaction drained 20.99 ETH. Both transactions were sent to the same addresses.
The stolen funds were then converted into other cryptocurrencies such as wrapped BTC (WBTC), Tether (USDT), and USD Coin (USDC) using platforms like Uniswap and THORChain. The attackers further bridged the funds to Bitcoin through Thorswap and Wan Bridge, making it harder to trace the stolen assets.
“Funds were then bridged to Bitcoin via Thorswap and Wan Bridge,” according to ZachXBT’s post.
Previous Phishing Attack
This is not the first security incident involving CoinSpot. In December 2021, CoinSpot users fell victim to a phishing campaign. The attackers used a new tactic centered around withdrawal confirmations, aiming to obtain two-factor authentication (2FA) codes. They sent emails from a Yahoo address, imitating genuine CoinSpot emails, asking recipients to confirm or cancel a withdrawal transaction.
CoinSpot had previously been highly profitable, with its founder and CEO, Russell Wilson, cashing in over half a billion dollars’ worth of profits. However, this incident raises concerns about the platform’s security practices and calls for more comprehensive measures to protect user funds.
“The breach took place swiftly, probably caused by a ‘private key compromise’ in one of CoinSpot’s hot wallets,” confirmed global blockchain security firm CertiK.
Furthermore, it is not uncommon for private key compromises to lead to the siphoning of funds in the web3 ecosystem. In a similar incident in September, Hong Kong-based cryptocurrency exchange CoinEx suffered a theft of over $70 million due to compromised private keys.
“Private keys being compromised and allowing hackers to siphon a project’s funds is nothing new in the web3 ecosystem,” highlighted CertiK’s report.