Taipei-based cryptocurrency trading and investment firm Kronos Research has initiated negotiations with the hacker responsible for the recent theft of $25 million from the company’s treasury.
Offer to the Hacker
In a public message addressed to the unknown attacker, Kronos Research offered the hacker to return 90% of the stolen funds, and the matter would be dropped, on-chain data shows.
As reported, Kronos Research reported an unauthorized breach of its API keys last key, which allowed the hacker to gain access to the firm’s funds. Onchain experts ZachXBT and Lookonchain later confirmed that the attacker absconded with approximately $25 million, primarily consisting of stablecoins.
“At present, we can confirm that the losses are about $26 million in crypto assets, and despite it being a sizable amount, Kronos remains in good standing. All losses will be covered internally, and no partners will be affected,” the firm posted on X.
This public negotiation between hackers and their victims has become a recurring trend. Recently, the hacker involved in the KyberSwap exploit even signed one of the transactions that siphoned funds from the decentralized exchange, expressing a willingness to commence discussions when fully rested. KyberSwap responded by offering a 10% bounty as an incentive for the return of the stolen funds. In a similar vein, Curve Finance previously proposed a 10% bounty to hackers in exchange for the restitution of pilfered cryptocurrencies. These negotiations were conducted through transaction signatures.
Rise in Hacks and Scams
According to DeFiLlama, decentralized finance (DeFi) protocols have suffered thefts amounting to over $1.2 billion this year alone. Hacks and scams have been a major issue in the crypto space. According to a report by blockchain security platform Immunefi, there were 76 hacks on crypto and Web3 projects and firms in Q3 2023, a significant increase compared to the 30 hacks reported in the same period in 2022. In total, approximately $332 million has been lost to various exploits, hacks, and scams throughout September, marking a record-high month for crypto exploits.
Earlier this month, DeFi platform Raft also suffered a hack resulting in the loss of approximately $3.3 million in Ethereum (ETH). Raft’s hack marked the second major crypto exploit on the same day. Earlier, an attacker drained approximately $114 million in digital assets from the centralized exchange Poloniex.
More recently, security firm SlowMist issued a warning about a wave of crypto thefts orchestrated by fake journalists. The company said the first instance of this malicious campaign was reported on October 14 when a Twitter user named Masiwei alerted the community about a targeted attack on friend.tech for account theft.