Decentralized cryptocurrency exchange FixedFloat has revealed that it was hacked, with the platform losing $26 million worth of Bitcoin (BTC) and Ethereum (ETH). 

Blockchain security firms have confirmed that the attacker has already begun laundering funds through multiple crypto exchanges such as eXch.cx and HiTBTC. 

FixedFloat Confirms Hack 

The team at FixedFloat confirmed the hack on the 18th of February after several blockchain investigators flagged suspicious transactions and movement of funds. In a post on X, the decentralized exchange refused to make a public comment on the matter. 

“We confirm that there was indeed a hack and theft of funds. We are not yet ready to make public comments on this matter, as we are working to eliminate all possible vulnerabilities, improve security, and investigate. Our service will be available again soon.”

Users have been reporting stalled transactions and missing funds on the decentralized platform since the 17th of February, posting complaints on the platform’s X profile. According to on-chain data, the hacker drained over 400 BTC worth $21 million and 1700 ETH worth $5 million on the 18th. Interestingly, FixedFloat is often used by hackers who are looking to launder funds. 

Website Down As Well 

FixedFloat’s official website was also down and displayed an error message on all its pages. The message stated that there was technical work ongoing and that the website would be back online soon. FixedFloat is an automated crypto exchange that does not require user registration or Know Your Customer (KYC) verifications. According to data from SEMrush, around 26% of the site traffic originates from the United States. 

Hacker Already Moving Funds 

Blockchain security firm PeckShield posted that the hacker had transferred most of the stolen ETH to the eXch exchange. 

“#PeckShieldAlert #FixedFloat was hacked, resulting in ~1,728 $ETH (worth ~$4.85m) and & 409 $BTC (worth ~$21m) stolen. The drainer already transferred most of the stolen $ETH to #eXch on #Ethereum.”

Others, such as Web3 threat researcher Officer’s Notes, dug a little deeper and found that apart from multiple deposits for eXch, the FixedFloat attacker also moved funds to HitBTC. 

“Perhaps FixedFloat Drainer thus simply decided to confuse its trail by framing the innocent owner of these deposit addresses. Anything is possible. I don’t see any addresses (other than the hacker’s address) that link these 2 HitBTC deposit addresses (when analyzing ETH and token transactions). Most likely, the hacker created only a false trail.”

No End To Crypto Exploits 

According to DeFi Rekt, there have already been seven major crypto exploits and hacks just this month. On the 9th of February, gaming and metaverse platform PlayDapp fell victim to an access control exploit, losing $32 million. Barely a few days later, on the 13th of February, Duelbuts fell victim to an access control exploit as well, losing $4.6 million to the hack

Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.