Experts detected suspicious asset withdrawals totaling $2.7m from Remitano’s hot wallets. The platform said it had been hacked.
?ALERT?Our ML-driven system has detected
multiple anomalous transactions with @remitano
exchange, resulting in a total loss of $2.7M across 3
chains.we contacted the team to halt any additional losses
and initiate efforts to recover suspected stolen funds#CyversAlert pic.twitter.com/lug03WzNh9— ? Cyvers Alerts ? (@CyversAlerts) September 14, 2023
According to Cyvers, unauthorized transactions touched assets on three blockchains — Ethereum, Tron and Bitcoin Cash. The experts said they had contacted the platform’s team to “halt any further losses and initiate efforts to recover potentially stolen funds”.
Remitano confirmed wallet compromise and said that a “small amount” was withdrawn to suspicious addresses.
#latestupdates We understand the seriousness of this matter and we want to assure you that Remitano is actively taking steps to address all security concerns and rectify the situation.https://t.co/DAl5rs3Kyt
— Remitano (@remitano) September 15, 2023
According to the statement, the exchange has formed a task force to investigate the incident and has begun cooperating with partners, including Cyvers Alerts and Tether, to monitor and block assets stolen by hackers.
The platform also moved user funds to cold wallets and halted deposits and withdrawals for 48 hours for maintenance. The restrictions did not affect the Bitcoin, Bitcoin Cash and Litecoin networks.
“At this time, Remitano guarantees that users’ assets have not been harmed and will not be affected by this incident. We are tirelessly working to fulfill our obligations to ensure the security and protection of your crypto assets,” the statement said.
According to Etherscan, the company Tether has already blocked the attackers’ address to prevent further movement of $1.4m in the USDT stablecoin.
Remitano is registered on the Seychelles and operates as a P2P exchange, providing users with the ability to buy cryptocurrencies from one another. Merchants also use the platform as a payment gateway.
Over the past 24 hours, the platform’s spot trading volume was around $3.58m, according to CoinMarketCap.
Earlier in September, the betting platform Stake and the CoinEx exchange were hacked, with losses of about $41m and $55.5m respectively.
In the breach, the FBI blamed the North Korean Lazarus Group. Experts believe the same group is behind the second incident.