$26 100 000 USD

FEBRUARY 2024

GLOBAL

FIXEDFLOAT

DESCRIPTION OF EVENTS

"FixedFloat is a cryptocurrency exchange platform that provides users with the ability to swap or exchange one cryptocurrency for another. It aims to offer fast, secure, and anonymous transactions without the need for user registration or personal information.

 

FixedFloat facilitates instant cryptocurrency swaps, allowing users to exchange one cryptocurrency for another at a fixed rate. It supports a wide range of cryptocurrencies, including popular options like Bitcoin (BTC), Ethereum (ETH), Litecoin (LTC), and many others.

 

One of the notable features of FixedFloat is its non-custodial nature. This means that the platform does not hold user funds. Instead, it connects users with third-party liquidity providers to execute the swaps directly. This can enhance security and privacy, as users retain control over their funds throughout the transaction.

 

FixedFloat offers a range of instant and unique features that set it apart from other exchanges. For instance, users can quickly and easily exchange a wide variety of virtual assets without having to worry about complicated trading procedures or high fees. Moreover, the platform uses advanced security measures to ensure the safety and privacy of user data at all times, making it one of the most secure exchanges available.

 

FixedFloat represents a new and exciting chapter in the evolution of virtual asset trading. By leveraging the power of cutting-edge technology and innovative business models, FixedFloat has created a platform that is both easy to use and highly effective, providing traders with a range of unique features and capabilities that are simply not available elsewhere. Whether you are a seasoned trader or a newcomer to the world of virtual asset trading, FixedFloat is sure to offer something of value to you. So why not give it a try today and see for yourself what all the fuss is about?"

 

"The exchange was founded in 2018 by a group of blockchain-experienced enthusiasts who have demonstrated a keen interest in the convergence of network technology, finance, and business. With its cutting-edge platform and unique approach to virtual asset trading, FixedFloat has quickly earned a reputation as one of the most innovative and user-friendly exchanges on the market today."

 

"Cryptocurrencies open new opportunities for achieving financial freedom. The bigger the user base, the greater the competitive advantages that emerging distributed ledger technologies provide. FixedFloat gives you the tools to make full use of your digital assets through an easy and accessible exchange platform."

 

"On the night of February 16-17, our system was hacked. This was an external attack caused by vulnerabilities in our security structure. Our infrastructure was compromised due to insufficient security. This allowed attackers to gain access to some functions of our service. As a result of the hack, $26,1 million was stolen.

 

We did not immediately report the hack, as our initial goal was to ensure security and minimize losses. We are focused on quickly addressing weaknesses and strengthening overall security, as well as taking stock of what happened."

 

"When the fact of hacking was discovered, the service was urgently turned off. Because of this, more than 30 user orders were temporarily stopped. At the moment, all orders have been completed."

 

"Initially, the FixedFloat hack was believed to be an insider attack or rug pull. The only indications of the hack were that cryptocurrency was transferred from addresses associated with the project to attacker-controlled ones. However, the team behind the project denied this and claimed that the transfers were performed by a third party exploiting vulnerabilities and security gaps in its infrastructure. These gaps allowed the attacker to access sensitive functionality within the protocol.

 

If performed by an external party, the incident appears to have been a private key theft. There is no sign of exploitation of the protocol’s smart contracts. Also, the issues with the protocol’s infrastructure could also refer to its protection of private keys.

 

The exact details of the FixedFloat hack are still unknown, even several days after it occurred. The team put the project in maintenance mode and, apparently, prioritized fixing vulnerabilities in its services over providing information to the public. Later, the project tweeted that it would provide information privately to journalists about the incident, but no public disclosure of the attack details has been made."

 

"“The security breach at FixedFloat suggests an access control issue, similar to a previous hack on February 16. In both incidents, unauthorized access to the hot wallet led to the withdrawal of significant funds. Notably, blacklisted tokens like USDT and USDC were swiftly swapped to avoid being frozen, while DAI was directly deposited to eXch without conversion. This pattern indicates a targeted exploitation of vulnerabilities within the system’s access controls,” analysts at Cyvers told BeInCrypto."

 

"FixedFloat’s handling of its security incident is largely a demonstration of what not to do in the aftermath of a hack in the DeFi space. The best-handled hacks to date have included frank, timely disclosures of details to customers as soon as is practical. While, in some cases, details may need to be concealed until a vulnerability is fixed, providing information promptly helps to decrease FUD and build trust in the project.

 

In the case of FixedFloat, the protocol froze the protocol before publicly acknowledging the hack, spurring accusations of a rugpull. Additionally, it claimed that it had no resources to provide information about what occurred, despite responding to Tweets and rolling out a new website. When information was provided, it was offered privately only to journalists in the form of responses to provided questions."

 

"First of all, we want to thank you, our dear users, for your support that you have given us during this difficult period in our history. Each of your messages is not just words, it is your faith in us, which we value above all else. We read every letter and pass on your kind words to our entire friendly team. Your support and dedication was felt by every one of our employees.

 

We appreciate your understanding and patience while we wait for FixedFloat to return to service. We saw how much you miss us, and it's mutual. Your kind words and expressions of support have given us strength and motivation to continue working to provide you with the best service possible.

 

Thank you for your patience and faith in us!"

 

"Since this incident involved a data breach related to our service infrastructure, we can only report that our technical team is conducting various security checks. We will not make any publications regarding exactly how the protection of our service has been and will be configured."

 

"We can share fairly limited information at this time as the investigation into the hack continues. We cooperate with law enforcement agencies, blockchain forensics companies, and cryptocurrency exchanges. We will be able to provide a full report once the investigation is complete."

 

"Our team is pleased to present you the updated design of FixedFloat, as well as an improved interface and new features that you will definitely like!"

FixedFloat is a cryptocurrency exchange platform designed to enable users to swap or exchange cryptocurrencies quickly, securely, and anonymously, without requiring user registration or personal information. Its non-custodial nature ensures that the platform does not hold user funds, enhancing security and privacy. With support for a wide range of cryptocurrencies and instant swaps at fixed rates, FixedFloat offers a unique and user-friendly experience. FixedFloat experienced a hack on February 16-17, resulting in the theft of $26.1 million. Despite initial speculation of an insider attack, the team claimed that the incident was due to vulnerabilities in their infrastructure exploited by a third party. Following the incident, the platform was temporarily shut down to address weaknesses and strengthen security measures. FixedFloat unveils an updated design and improved interface. Details of the hack remain undisclosed.

FixedFloat | Instant cryptocurrency exchange (Apr 30)
FixedFloat Reviews: Lightning Cryptocurrency Exchange (Apr 30)
Fixedfloat | Change Now | Buy, Sell and Exchange Crypto  (Apr 30)
Avis très négatif sur fixedfloat.com. Attention arnaque ! (Apr 30)
How to exchange cryptocurrencies on the FixedFloat? | FixedFloat (Apr 30)
Explained: The FixedFloat Hack (February 2024) (Apr 30)
@FixedFloat Twitter (Apr 30)
@HSanikhani Twitter (Apr 30)
Non-KYC Crypto Exchange FixedFloat Hacked for $26M in Bitcoin, Ethereum - Decrypt (Apr 30)
@PeckShieldAlert Twitter (Apr 30)
@CyversAlerts Twitter (Apr 30)
This Crypto Exchange Was Hacked, Losing $2.80 Million (Apr 30)
@FixedFloat Twitter (Apr 30)
FixedFloat is back | FixedFloat (Apr 30)
FixedFloat exchange hacked for $26 million (Apr 30)
https://cointelegraph.com/news/fixed-float-confirms-26m-exploit-bitcoin-ether (Apr 30)
@officer_cia Twitter (Apr 30)
About us | FixedFloat (May 1)
@FixedFloat Twitter (May 1)
Address 0xfa0200a7b73f2b36d14815336483039ecc6dea8b | Etherscan  (May 1)
Ethereum Transaction Hash (Txhash) Details | Etherscan  (May 1)
Ethereum Transaction Hash (Txhash) Details | Etherscan  (May 1)
Ethereum Transaction Hash (Txhash) Details | Etherscan  (May 1)
FixedFloat Drainer | Address 0x85c4ff99bf0ecb24e02921b0d4b5d336523fa085 | Etherscan  (May 1)
FixedFloat DEX Hacked for $26M in BTC and ETH, Loot Already Moved (May 1)
FixedFloat Hit by $26M Crypto Heist: Bitcoin and Ether Stolen (May 1)
Cryptohack Roundup: $26 Million FixedFloat Hack (May 1)
Crypto Exchange FixedFloat Hacked: $26 Million in BTC, ETH Stolen (May 1)
FixedFloat has been hacked (26M $) (May 1)
Address: bc1q2skp47p9f5mr4n4m27k66v0l68gh3xdd7ad4e5  (May 1)
Transaction: 9822616097948dab2048395c4d887dbb1f99273e5cc40de2d86639013588df41 | Blockchain.com (May 1)
Transaction: 5b77e01a8253b245d0ce3fd9fcfb3dffb88d49396c1a5553848cf1e05be08c68 | Blockchain.com (May 1)
Transaction: 15f7ac31837c8dba597f46359857205df1c41573c4bb489b5a81fd058be5da6d | Blockchain.com (May 1)

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.