- 5 biggest Linux and open-source stories of 2024: From AI arguments to security close calls
- Trump taps Sriram Krishnan for AI advisor role amid strategic shift in tech policy
- Interpol Identifies Over 140 Human Traffickers in New Initiative
- 5 network automation startups to watch
- The State of Security in 2024: The Fortra Experts Take a Look
Web3 Platform Mixin Network Hit by $200m Crypto Hack
Hong Kong-based decentralized finance (DeFi) project Mixin Network lost around $200m in cryptocurrency in what could already be one of the biggest hacks targeting a web3 platform.
Mixin Network confirmed the attack on September 25, 2023, in a public statement posted on X (formerly known as Twitter).
The statement explained that attackers compromised Mixin’s cloud service provider database on September 23, resulting in the loss of around $200m in cryptocurrency.
“Deposit and withdrawal services on Mixin Network have been temporarily suspended [and] will be reopened once the vulnerabilities are confirmed and fixed. During this period, transfers are not affected,” Mixin said.
“We have contacted Google and blockchain security company Slow Mist to assist with the investigation.”
Mixin Lost $30m of Its Value
A public update by Mixin’s founder Feng Xiaodon was live-streamed from Hong Kong – and in Mandarin – on September 25, in which he explained how to deal with the lost assets to the platform’s users.
Mixin said they would publish summaries in English shortly afterward.
According to DeFi dashboard DeFi Llama, Mixin lost around $30m in total value locked (TVL), a metric used to measure the total value of digital assets locked or staked in a particular platform.
The Mixin protocol and its XIN token were launched in 2017 to provide support for cross-chain transactions, meaning that users can easily send and receive assets between different blockchains without having to worry about exchange rates or fees. They are used by around 10,000 decentralized applications (DApps) worldwide.
Top Five Crypto Hacks
Many voices from the crypto community have expressed concern and frustration about the incident, criticizing the fact that a so-called decentralized infrastructure relies so heavily on a cloud service provider database.
The Mixin hack is the fifth most significant cyber-attack targeting cryptocurrency assets outside of crypto exchanges, with the top four happening over the past two years:
- Ronin Network in March 2022 ($624m)
- Poly Network in August 2021 ($611m)
- BNB Bridge in October 2022 ($586m)
- Wormhole in February 2022 ($326m)
Mixin Network was contacted by Infosecurity but did not respond to requests for comment on this issue.