- The 35+ best Black Friday Nintendo Switch deals 2024
- Best Black Friday TV deals 2024: 75+ expert-selected deals on QLED, OLED, & more
- The camera I recommend to most new photographers is $180 off for Black Friday
- The fan-favorite 8TB T5 Evo SSD is almost 50% off at Samsung for Black Friday
- This Samsung projector is secretly the best gaming console you can buy, and it's on sale for Black Friday
Crypto Casino Stake.com Back Online After $40m Heist
Hackers have stolen over $40m in cryptocurrency from the self-styled “world’s leading betting platform,” the firm has revealed.
Curaçao-headquartered Stake.com offers casino and sports betting for players using cryptocurrency. However, the firm flagged on Monday that it had spotted unauthorized transactions being made from its Ethereum (ETH) and Binance Smart Chain (BSC) hot wallets.
“We are investigating and will get the wallets up as soon as they’re completely re-secured. User funds are safe,” it said.
BTC, LTC, XRP, EOS, TRX and “all other wallets” were untouched by the hackers, the firm claimed.
In crypto, hot wallets are less secure than cold wallets because public and private keys can be reached from the internet, enabling remote access and unauthorized activity. This appears to be what happened to Stake.com, although the firm has revealed few other details.
Read more on hot wallet attacks: ETERBASE Crypto-Exchange Hit in $5m Heist
On the same day, Stake.com announced that the issue had been remediated.
“All services have resumed! Deposits & withdrawals are processing instantly for all currencies. We apologise for any inconvenience,” the firm said in another post to X (formally Twitter).
The incident was first flagged by blockchain security company Cyvers, which said its AI monitoring tools had picked up suspicious activity – specifically that $16m worth of Ethereum cryptocurrency had been withdrawn from Stake.com. The stolen crypto was then transferred to other external wallets, the firm claimed.
Further sleuthing by blockchain investigator ZachXBT revealed that an additional $25.6m in BSC and Polygon was drained from the hot wallets.
Hot wallets are a common target for attack by state-sponsored and cybercrime actors. In July, Kaspersky warned of a new malicious email campaign that delivered 85,000 scam messages during the spring of 2023 alone.