On April 9, hackers targeted South Korean crypto exchange GDAC, stealing around $13.9 million worth of various cryptocurrencies by exploiting the exchange’s hot wallet. The heist resulted in the theft of funds equivalent to about 23 percent of the exchange’s total assets.
The stolen cryptocurrencies included 60.8 Bitcoin, 350.5 Ethereum, 10 million WEMIX tokens and 220,000 USDT — a stablecoin with a value tied to the U.S. dollar.
The blockchain intelligence platform ArkhamIntel revealed on Monday that the attacker had already moved roughly 461 ETH to the crypto-mixing platform Tornado Cash.
Per an announcement by CEO Han Seunghwan on the same day, GDAC suspended all deposits and withdrawals following the incident.
Seunghwan said that the exchange could not provide a definite timeline for the resumption of withdrawals. The platform immediately suspended and blocked the exchange’s wallet system and associated servers.
GDAC also collaborated with domestic and foreign cryptocurrency exchanges and issuers to prevent the stolen coins from being laundered. The Korean exchange reported the incident to the police, the Korea Internet & Security Agency (KISA) and the Korea Financial Intelligence Unit (FIU).
GDAC reported that the stolen assets came from their hot wallet and were transferred to an unidentified cryptocurrency wallet by the hackers. Cryptocurrency exchanges use hot wallets to store some of their funds, enabling swift trading and withdrawals. Although these wallets have advantages, they also carry risks.
Unlike cold wallets that keep assets offline, hot wallets are linked to the internet, making them susceptible to cyberattacks.
Notice on #GDAC Exchange Hack Alert⚠️
GDAC Exchange has officially announced that it has experienced a security breach
Please refer to the official announcements made by the Exchange👇
▶️GDAC Announcement: https://t.co/SNRFZTMEYgWEMIX Medium: https://t.co/7UIwyua72K
— WEMIX (@WemixNetwork) April 10, 2023
Several crypto industry hacks
Over the past year, multiple significant hacks and exploits have targeted various crypto platforms. One of these was the hack of Crypto.com on January 17, 2022, in which the platform lost over $15 million.
The attacker bypassed two-factor authentication and stole users’ Bitcoin or Ether. Despite initial denials from CEO Kris Marszalek, the company eventually acknowledged the hack and announced plans to transition to “multi-factor authentication” to prevent future exploits.
Also, in January 2022, the Qubit QBridge platform was hacked, leading to a loss of $80 million. The attacker used a smart contract flaw on the platform, backed by Binance, to mint wrapped ether tokens without depositing funds.
As one of the consequences, Qubit had to downsize its team and change its structure to a decentralized autonomous organization (DAO).
GDAC Exchange announced a hack this morning of around $13M.
Most of the value taken was on the WEMIX Blockchain (Excluding Wemix, the value of the hack was around $2.5M)
The hacker has since swapped the USDT into ETH and sent 461 ETH to Tornado Cash.
Addresses below: pic.twitter.com/R2LFL1vKtE
— Arkham (@ArkhamIntel) April 10, 2023
In February last year, the crypto platform Wormhole lost $325 million in a smart contract heist. The hacker took advantage of the smart contract vulnerabilities on the Solana-to-Ethereum bridge and created wrapped ether tokens without depositing any collateral.
Jump Crypto, the venture capital firm responsible for Wormhole, replenished the stolen funds to ensure that Solana-based platforms affected by the attack remain financially stable.
According to crypto data provider DeFi Llama, Wormhole now controls assets worth more than $480 million after rebranding its bridge as Portal.
The Axie Infinity Ronin Bridge sustained the largest fiat currency cryptocurrency hack in March last year, resulting in a loss of $625 million. The hackers gained control of most of the cryptographic keys securing the bridge.
They managed to steal four of the nine keys after an Axie developer clicked on a fake job offer PDF. Since the attack, the Ronin Bridge has reopened with extra validators, but the game’s popularity has declined.
In April 2022, a hack on the decentralized finance protocol Beanstalk Farms led to a loss of $182 million. The attacker employed a method known as a “flash loan.” The flash loan is where funds are borrowed and repaid in a single transaction to gather enough assets to control the stablecoin’s governance protocol.