Following a compromised API login, cryptocurrency trading company Kronos Research suffered a hack. Losses totaled $26 million.
Kronos Research suffers $26 million loss
Saturday evening, the Kronos Research trading company suffered a loss following a hack. In the hours that followed, the company released a statement explaining that the attack was due to fraudulent access via an API connection:
“In the interests of transparency: about 4 hours ago, we experienced unauthorized access to some of our API keys. We have suspended all transactions while we investigate. Potential losses do not represent a significant portion of our equity and we aim to resume trading as soon as possible. “
On Sunday, Kronos Research then provided more details, confirming the amounts stolen at around $26 million. Furthermore, the company explains that customer funds will not be affected, as “all losses will be covered internally” :
1/ Since 1:20 am (GMT+8), our team has been working round the clock to minimize the impact and resume trading operations, following a hacking incident that involved unauthorized access to our API Keys. https://t.co/t2cP9s69sZ
– Kronos Research (@ResearchKronos) November 19, 2023
Furthermore, the company thanked the exchanges it worked with, without naming them, for their responsiveness in “helping to manage the situation”. This suggests that at least some of the stolen funds may have been frozen, although this cannot be confirmed in the absence of formal confirmation.
For his part, on-chain investigator ZachXBT was able to identify movements linking several addresses to the attack through a large quantity of ETH:
Sorry should be $25M not $20.3M****
– ZachXBT (@zachxbt) November 18, 2023
Following this problem, the company claims that this is the first time it has cut off exchanges on its platform since 2018.
We can nevertheless point out that it suffered another incident in 2020, when two engineers dissatisfied with a lack of bonuses altered the code of trading strategies, resulting in $1.4 million in losses. This was revealed last summer during the trial of the accused.
On the other hand, the context of this fraudulent access to Kronos Research’s API connections has not been revealed. Nevertheless, this is a good opportunity to remind ourselves of the importance of being vigilant about the authorizations we grant to such connections between several platforms.
