Hacker Steals $25 Million from Kronos Research Through Compromised API Keys

Trading firm Kronos Research fell victim to a hack, resulting in a theft of $25 million by an unauthorized entity that accessed its compromised API keys.

On November 19, Kronos Research disclosed via a post on X (formerly Twitter) about a security incident that involved unauthorized access to its API keys. This attack consequently led Kronos to halt its trading services on the platform promptly.

Kronos Research is currently conducting internal investigations to identify the perpetrator and recover the stolen assets. The trading services on the platform remain suspended indefinitely until the investigations are complete. The firm expresses confidence in a positive outcome from its efforts.

Even with the incident, Kronos Research declared that the amount stolen wasn’t a significant part of the company’s assets, and they are committed to getting back to normal operations as quickly as possible.

Looks possibly like $20.3M+ (12800+ ETH)

0x2b0502FDab4e221dcD492c058255D2073d50A3ae pic.twitter.com/sLnFA0VXhk

— ZachXBT (@zachxbt) November 18, 2023

However, blockchain investigator ZachXBT estimates suggest that the total damage incurred by Kronos Research could be around $25 million (12,800 ETH). ZachXBT uncovered the details of the hack, revealing that the stolen funds were transferred to six different crypto wallet addresses. The hacker made multiple transactions to various addresses owned by them.

Woo X Resumes Trading After Temporary Suspension Triggered by Kronos Security Incident


Woo X, an exchange closely affiliated with Kronos Research, recently faced disruptions stemming from a security incident involving Kronos. As a significant market maker for Woo X, contributing up to 40% of the total spot and futures trading liquidity on the platform, Kronos’s security issue led to a temporary suspension of certain asset pairs on Woo X due to a liquidity shortage.

The close association between Woo X and Kronos made the exchange vulnerable to the security incident affecting Kronos. In response, Woo X took swift action to safeguard users and maintain platform integrity by temporarily halting trading for specific asset pairs due to a shortage of funds resulting from Kronos’s trading halt.

Status update
– First and foremost, all client assets are safe
– TLDR our largest liquidity provider Kronos Research recently experienced a hack that caused them to pause all trading on WOO X
– Since Kronos Research is the primary liquidity provider for spot markets and around… https://t.co/sDR8QHvmZC

— WOO X (@_WOO_X) November 18, 2023

Woo X reassured users that their funds remained secure but acknowledged the challenges posed by Kronos’s trading pause. To mitigate the impact, Woo X promptly engaged in discussions with alternative market makers to ensure ongoing support for the exchange’s operations.

On the morning of November 19, Woo X announced the successful establishment of communication with alternative market makers, facilitating the resumption of spot and perpetual trading, along with withdrawals. This development marked a step toward normalcy as Woo X gradually restored its operations.

Investor Warns Against Cryptocurrency Risks After Q3 2023 Records Highest Losses in Crypto Hacks


A recent report by CertiK, a prominent blockchain security firm, reveals that Q3 2023 marked the most damaging quarter for the cryptocurrency industry, witnessing losses exceeding $700 million due to various security incidents. The quarter saw a surge in digital asset compromises, primarily attributed to prevalent techniques such as private key exploits, exit scams, and oracle manipulation.

In October 2023, Beosin EagleEye, the security monitoring platform of Beosin, unveiled alarming statistics for the cryptocurrency industry, recording a total of 23 security incidents during the month. These incidents collectively resulted in substantial losses totaling approximately $51.61 million.

The breakdown of losses showcases the multifaceted nature of threats within the crypto space. Hacker attacks emerged as the most impactful, causing losses amounting to around $28.33 million. Rug pull incidents, where liquidity is abruptly withdrawn from a project, contributed significantly to the overall figure, accounting for approximately $12.02 million in losses. Additionally, phishing scams played a notable role, contributing $11.26 million to the total losses incurred during October.

The post Hacker Steals $25 Million from Kronos Research Through Compromised API Keys appeared first on Cryptonews.