A hacker walked away with $25 million from quantitative trading firm Kronos Research after accessing its compromised API keys.
On Nov. 19, Kronos Research revealed that an unauthorized entity accessed some of its API keys. Subsequently, the firm stopped its trading services on the platform. However, no losses were reported at the time.
In the interest of transparency
Around 4 hours ago, we experienced unauthorized access of some of our API keys. We paused all trading while we conduct an investigation. Potential losses are not a significant portion of our equity and we aim to resume trading as soon as possible.
— Kronos Research (@ResearchKronos) November 18, 2023
Blockchain investigator ZachXBT followed up on the announcement and found roughly $25 million in total were siphoned away into six unique crypto wallet addresses. According to the investigation, the six transactions — worth 2,780 Ether (ETH), 2,540 ETH, 2,540 ETH, 2,636 ETH, 4.93 ETH and 2,507.52 ETH, respectively — were made from a Kronos Research account to various addresses owned by the hacker.
While Kronos Research indefinitely halted the trading services until internal investigations tracked down the culprit that stole over 12800 ETH, the firm expects a positive outcome:
“Potential losses are not a significant portion of our equity and we aim to resume trading as soon as possible.”
Kronos Research did not immediately respond to Cointelegraph’s request for comment.
The rising number of crypto hacks warrants that investors conduct extensive research on projects they intend to invest in.
Blockchain security firm CertiK recently revealed Q3 2023 as the most ‘damaging’ quarter for crypto.
Private key exploits, exit scams and oracle manipulation were the most prevalent techniques used for hacking crypto ecosystems. Over $700 million in digital assets lost to various security incidents in Q3 2023, surpassing first-quarter losses of $320 million and second-quarter losses of $313 million.