A hacker was able to access compromised API keys at quantitative trading firm Kronos Research and walk away with $25 million.
On Nov. 19, Kronos Research announced that an unauthorized entity accessed some of its API keys, leading to the firm halting its trading services on the platform. At the time, no losses had been reported.
In the interest of transparencyAround 4 hours ago, we experienced unauthorized access of some of our API keys. We paused all trading while we conduct an investigation. Potential losses are not a significant portion of our equity and we aim to resume trading as soon as possible.
— Kronos Research (@ResearchKronos) November 18, 2023
Blockchain investigator ZachXBT discovered that approximately $25 million in total was stolen and sent to six unique crypto wallet addresses. These transactions, totaling 12,800 ETH, were made from a Kronos Research account to addresses owned by the hacker.
While Kronos Research has halted trading services indefinitely as it conducts internal investigations, the firm expects to recover and resume trading soon.
“Potential losses are not a significant portion of our equity and we aim to resume trading as soon as possible.”
Kronos Research did not immediately respond to Cointelegraph’s request for comment.
Related: Atomic Wallet asks to toss suit over $100M hack saying it has ‘no US ties’
Given the rising number of crypto hacks, investors are advised to conduct extensive research on projects before investing. According to blockchain security firm CertiK, Q3 2023 has been the most “damaging” quarter for crypto, with various security incidents resulting in over $700 million in losses.
Techniques such as private key exploits, exit scams, and oracle manipulation were commonly used in hacking crypto ecosystems, resulting in significant losses in Q3 2023.
Magazine: Breaking into Liberland: Dodging guards with inner-tubes, decoys and diplomats