$200 Million Worth of Crypto Funds Under Attack on Mixin Network, Deposits Suspended

Lightning-fast decentralized exchange (DEX) Mixin Network faced a major attack on Saturday, September 23, with more than $200 million worth of crypto funds under threat.

Mixin, endorsed and backed by the renowned Chinese influencer Li Xiaolai, positions itself as a wallet solution. Presently, it extends support to 48 public blockchain networks, boasting a combined network asset value surpassing the $1 billion mark. Blockchain security firm SlowMist was among the first to report regarding the same.

🚨SlowMist Security Alert🚨

On September 23, the Mixin Network cloud service provider database was attacked, the amount of funds involved was ~ $200M.

SlowMist is assisting in the investigation. Please wait for @MixinKernel updates for more information.

— SlowMist (@SlowMist_Team) September 25, 2023

Following the incident, Mixin Network decided to temporarily halt its deposit and withdrawal services. Following extensive discussions and unanimous agreement among all network nodes, these services will resume once identified vulnerabilities are confirmed and rectified. Importantly, this suspension does not impact transfers. The Mixin team will provide details on how lost assets will be addressed at a later time.

Mixin Network On Lost Funds

The Mixin team stated that they would provide a detailed solution later on how to deal with the lost assets. Explaining their stand, the Mixin team noted: “Mixin founder Feng Xiaodong will explain this incident in a public Mandarin livestream at 13:00 HKT on September 25, 2023. Please help spread the word. We will summarize the content in English afterward for easy reference. We will try our best to minimize the losses and deeply apologize for this”.

Soon after the news, the Mixin Network native cryptocurrency XIN came under major selling pressure. As of press time, XIN is trading at $196 with a market cap of $117 million.

Crypto frauds and attacks have been rising rapidly in the market despite several security measures. Last week, $15 million of funds were stolen from the Fortress Trust, with the attacker gaining control over the Google Authenticator cloud sync function of Retool. Rettol announced that the breach impacted nearly 27 of its cloud customers.

The cyberattack initiated through an SMS phishing strategy targeting Retool’s staff. The attackers cleverly impersonated members of the IT team, directing recipients to click on what appeared to be a legitimate link, supposedly addressing a fictitious payroll matter. Regrettably, one employee succumbed to this phishing scheme, accessing a deceptive page that tricked them into disclosing their login credentials.

In another such incident, the hackers drained Exactly protocol of a staggering 4,300 ETH.