The Bahrain-based crypto exchange Rain recently faced a severe security breach. Blockchain expert ZachXBT reported that the exchange lost $14.8 million on April 29, 2024. The culprits split the stolen funds into wallets filled with 137.9 BTC and 1,881 ETH, which have remained untouched since the attack.
According to ZachXBT, “It appears the crypto exchange Rain was likely exploited for $14.8M after their BTC, ETH, SOL, and XRP wallets saw suspicious outflows.” He noted that these funds were swiftly moved to instant exchanges and exchanged for BTC and ETH.
Tracking the Stolen Funds
Further details reveal the Ethereum funds ended up in a wallet ending in d609, which received multiple transactions from Bitgo multisignature wallets. On the day of the breach, these wallets made 26 transactions sending ETH and various tokens to the d609 wallet. These included over 590 ETH, about 20 billion Shiba Inu, 12,500 Chainlink, $240,000 in Tether, and $500,000 in USD Coin, all of which were quickly swapped for ETH on Uniswap.
As the situation happened, Arkham Intelligence noted that the d609 address continued to accumulate different tokens like Aave, Yearn Finance, and MakerDAO, swapping them for ETH. This intricate web of transactions showcases the sophisticated methods used by hackers to cover their tracks.
Ongoing Challenges in Crypto Security
The Rain incident highlights a broader issue within the crypto industry. In the past year alone, investors lost $2 billion to similar hacks and exploits, with an additional $333 million stolen in the first quarter of this year. Moreover, another recent deficiency in a trading protocol led to a $600,000 loss, although most were later recovered through a 10% bug bounty.
Just days after the Rain hack, the Gnus AI community suffered a significant breach through its Discord channel on May 6, resulting in a loss of $1.27 million. The attackers gained access to private messages of team members, eventually minting 100 million fake tokens that crashed the GNUS token price. The team has since urged users to avoid purchasing the devalued token and is working on measures to mitigate the impact.
Similarly, the Galaxy Fox web3 platform experienced a hack on May 10, due to a smart contract vulnerability. Attackers made away with over 108 ETH, highlighting the urgent need for improved security and access controls in the web3 space, particularly platforms known for NFTs and play-to-earn games.
Also on May 10, the Tsuru platform encountered a flaw with its TRUSU Wrapper contract, leading to significant transaction processing issues. This vulnerability allowed users to bypass normal contract operations with custom code, resulting in out-of-gas errors and disrupted transaction flows.
These incidents across various platforms not only show the financial damages and operational disruptions caused by cyberattacks but also emphasize the critical need for stronger security measures in the cryptocurrency and web3 industries.