Quantitative trading firm Kronos Research has suspended its trading services indefinitely after an unauthorized entity stole approximately $25 million worth of Ethereum (ETH) by accessing the company’s compromised API keys. The incident, which came to light on November 19, has prompted Kronos Research to launch internal investigations to identify the culprit behind the theft.
Unauthorized access and stolen funds
Kronos Research disclosed that an unauthorized entity gained access to some of its API keys, prompting the firm to immediately cease its trading activities on the platform. Initially, no losses were reported, but further investigation by blockchain expert ZachXBT revealed that around $25 million in total had been transferred to six distinct cryptocurrency wallet addresses.
The transactions, totaling 12,800 ETH, were carried out from a Kronos Research account to addresses owned by the hacker. The amounts transferred in these transactions were as follows: 2,780 ETH, 2,540 ETH, 2,540 ETH, 2,636 ETH, 4.93 ETH, and 2,507.52 ETH, respectively.
Halting trading services and ongoing investigation
In response to the breach, Kronos Research has decided to halt its trading services indefinitely. The firm’s primary focus now is on conducting internal investigations to determine the identity of the individual or group responsible for the theft. Kronos Research aims to track down the culprit and recover the stolen funds before resuming normal trading operations.
Despite the substantial amount stolen, Kronos Research remains optimistic about its financial position. The firm stated that the potential losses incurred as a result of the breach do not constitute a significant portion of its equity. This assurance reflects the company’s confidence in its ability to recover from the incident and resume trading activities promptly.
In a statement, Kronos Research expressed its intention to return to normal operations as soon as possible, emphasizing its commitment to mitigating the impact of the theft on its clients and investors.
Future steps and communication
Kronos Research has not provided specific details about the security measures it plans to implement in the wake of the breach. However, it is expected that the company will bolster its security protocols to prevent similar incidents in the future.
The firm has yet to respond to Cointelegraph’s request for comment, leaving some unanswered questions regarding the incident and the steps Kronos Research intends to take moving forward.