A serious breach hit the online casino platform MetaWin on 3 November 2024, resulting in the loss of approximately $4 million from its hot wallets.
The attack has raised alarms across the crypto community as it highlights vulnerabilities within online platforms.
In a statement regarding the incident, CEO Richard “Skel” Skelhorn confirmed that the funds have since been "topped off," signalling that the company has managed to replenish the lost assets.
The hacker accessed MetaWin’s hot wallets through a loophole in the platform's frictionless withdrawal system, prompting immediate action to halt all withdrawals.
Despite the significant financial loss, Skel assured users that approximately 95% of customers have had their withdrawal capabilities restored as the situation stabilised.
Source: ZackXBT
Onchain investigator ZackXBT revealed that they were moved to both KuCoin and a nested service on HitBTC.
He uncovered over 115 addresses linked to the perpetrator, further complicating the case.
Skel remarked,
“We’re not gonna dwell on it. It’s in the hands of the feds now… we will make some internal adjustments to keep the players happy but the bad actors at bay.”
This incident is just one in a series of high-profile security breaches affecting the cryptocurrency sector.
Just weeks earlier, on 16 October, Radiant Capital fell victim to a major exploit that resulted in the theft of $58 million.
This attack was enabled by hackers obtaining access to private keys essential for signing transactions from the platform’s multi-signature wallet.
Shortly after that, another platform, the M2 exchange, reported a breach that led to a $13 million loss through compromised hot wallets.
The frequency of these attacks has led to increased scrutiny of security measures within the crypto industry.
A report from CertiK Alert revealed that losses from exploits reached approximately $127 million in October 2024, highlighting the substantial impact of such incidents compared to other types of security breaches.
With incidents like MetaWin’s hack, the need for robust security protocols has never been more pressing, especially as more users engage with online gambling and cryptocurrency platforms.
The rapid evolution of these technologies necessitates continuous vigilance to safeguard against malicious actors in the digital landscape.
In this article, I propose adding a liquidity or milestone-based dimension to enhance and improve upon the existing token vesting schedule models we most commonly observe today.
JinseFinanceThrough statistics and analysis of security incidents in the Web3.0 field over the past year, the latest trends in Web3.0 security are fully revealed.
JinseFinanceStablecoin issuers Circle and Tether have blacklisted over half of the stolen funds, according to available information.
BeincryptoMetis, an Ethereum layer-2 platform, warns users not to buy METIS on the BNB Blockchain days after the PolyNetwork was hacked and $5.5 million of assets stolen.
BitcoinistNorway completed its record-high crypto seizure, confiscating approximately $5.9 million worth of digital assets.
cryptopotatoThe community criticized the airdrop announced by the AllianceBlock team.
BeincryptoThe notorious North Korean hacker collective known as Lazarus has had a busy weekend moving millions of dollars in Ethereum.
cryptopotatoOne lucky winner is the proud owner of a Mutant Ape worth over $30k.
BitcoinistBabylon’s founder said several liquidity pools and BABL tokens price were severely impacted, which contributed to the decision.
Coindesk