Taiwan-based trading firm Kronos Research recently suffered a major security breach, leading to estimated losses of $25 million.
According to the company, the security breach involved the unauthorized access of API keys, leading to a loss of around 13,007 ETH, valued at $25 million at the time.
Kronos disclosed the incident on Nov. 18 via a post on social media.
The potential losses were not a significant portion of its equity, Kronos explained.
Blockchain researcher ZachXBT identified substantial Ether outflows from a linked wallet, amounting to over $25 million worth of the cryptocurrency.
Woo X, a local centralized exchange associated with Kronos, announced it is temporarily suspending specific trading pairs briefly, to address the liquidity loss but has now resumed spot and perpetual trading, along with withdrawals.
The exchange assured that client funds remain secure. Kronos continues to investigate the unauthorized access and has not disclosed additional details regarding the extent of losses.
This incident has prompted concerns regarding the security of cryptocurrency trading firms and the vulnerabilities associated with managing API keys.
Renowned for its involvement in crypto research, marketing, and investment, Kronos Research now grapples with substantial financial repercussions arising from the breach. The unauthorized access event underscores persistent challenges in safeguarding digital assets and emphasizes the critical need for robust security measures within the cryptocurrency trading industry.
As the situation unfolds, organizations are urged to prioritize cybersecurity to effectively mitigate the risk of similar breaches in the future.
Security struggles, crypto heists on the rise
In recent months, a slew of significant crypto hacks and scams resulted in losses nearing a billion dollars.
According to reports from Certik, these incidents were attributed to various factors such as protocol exploits, exit scams, private key exploits, and oracle manipulation.
One notable event was the Mixin Network exploit in Sept. 2023, causing a $200 million loss and marking it as the most substantial exploit of the year. Furthermore, cybercriminals targeted Stake.com, leading to a $735 million loss and placing it among the ten biggest hacks of the year.
The top 10 hacks in 2023 accounted for 84% of the total stolen amount, with over $620 million taken in those attacks alone.
DefiLlama data reveals that cybercriminals have inflicted losses exceeding $735 million on crypto companies and defi protocols through 69 hacks in 2023. With three months remaining in the year, 2023 appears to fare better than 2022, which witnessed hackers making off with over $3.2 billion across 60 hacks.
These incidents underscore the persistent challenges in securing digital assets and highlight the urgent need for enhanced security measures within the cryptocurrency industry, emphasizing the critical importance of robust security protocols to safeguard digital assets.