Remitano crypto exchange hacked for $2.7 million, narrowly avoids a further $1.4 million tether loss

Remitano, a peer-to-peer cryptocurrency exchange, experienced odd large-scale withdrawals on September 14, which it later confirmed were part of a hack. The attack resulted in the withdrawal of cryptocurrencies worth $2.7 million.

Another $1.4 million worth of customer crypto narrowly escaped theft, but Tether averted it by freezing one of the attacker’s addresses.

The hack details 

• The large-scale transactions were first observed by blockchain analytic platform Cyvers, which alerted the crypto community on X (formerly Twitter) about the suspicious transactions.
• After receiving a tip about the data breach, Remitano’s security team found that sensitive data was compromised. A small sum of money was also moved from its secure wallets to suspicious accounts through unauthorized withdrawals.
• One such suspicious wallet address had no prior transaction history before it received around $1.4 million in tether (USDT), $208,000 in USD Coin (USDC), and 104,000 Ankr tokens – worth $2,000 at the time

Remitano’s response

• In an official statement on its website, the company highlighted in detail its corrective measures and its withdrawal recovery plans. 
• Some of these measures include temporarily suspending coin deposits and withdrawals and partnering with Cyvers Alerts and Tether to monitor and freeze all accounts accessed by the hacker closely. 
• It also transferred user funds to secure cold wallets, deactivated the old wallet addresses, and advised users to create new deposit wallet addresses and disregard the old ones. 
• Remitano assured users that their assets are safe and that the bitcoin, bitcoin cash and litecoin chains on its platform were not affected and are the only coins users should transfer on the platform for now. 

Key quote 

Remitano said: 

“As a result [of the data breach], a small amount of funds from the exchange’s hot wallets were transferred to suspicious wallet addresses through unauthorized withdrawal transactions. Immediately upon detecting the breach, we have taken decisive actions to mitigate impacts on our users.

In response to this unfortunate situation, a specialized investigation team was promptly established to thoroughly examine the incident and fully enhance our overall security infrastructure to prevent any further occurrences.” 

Zoom out 

• Although 2023 has witnessed a reduction in crypto crime, there have been a series of notable crypto exchange hacks that led to leaked private keys and stolen funds.
• The United State’s Federal Bureau of Investigation (FBI) attributes these hacks to the Lazarus Group, a notorious cybercrime organization believed to be affiliated with the North Korean government. 
• The cybercrime organization is suspected of stealing $41 million from gambling site Stake and $27 million from crypto exchange CoinEx.