WEB3
by BSCN
November 4, 2024
The attacker targeted Metawin's Ethereum and Solana hot wallets, draining a substantial amount of funds.
Crypto casino Metawin recently faced a security breach, resulting in a loss of over $4 million, per blockchain investigator ZachXBT.
According to Metawin CEO Richard “Skel” Skelhorn, the hack targeted the platform’s withdrawal mechanism, which was designed for swift transactions. This “frictionless withdrawal system” allowed the hacker to access and drain funds from hot wallets tied to Ethereum and Solana.
As Skelhorn confirmed, this exploit led to the immediate suspension of withdrawals to prevent further losses. The platform has since re-enabled withdrawals for about 95% of users after securing its systems.
ZachXBT, known for tracing crypto exploits, collaborated with Metawin to assess the hack. The hacker accessed more than 115 addresses during the attack, showing a high level of technical skill.
Hot wallets, which are more vulnerable due to their continuous online connection, proved to be an entry point for the hacker’s operation.
Using blockchain forensics, ZachXBT tracked the stolen funds, revealing that they were routed through Kucoin and a nested service on HitBTC. This tactic is commonly employed to obscure the origin of funds, complicating recovery efforts.
Transferring assets into mixed or nested accounts further distances them from their original source, making it difficult to trace them.
The identity and motivation of the hacker remain unknown.
In response to the hack, Skelhorn assured users that his team is working tirelessly to fortify platform security. He acknowledged the incident on Metawin's Discord, confirming that authorities have been contacted and that the platform is making "internal adjustments" to prevent similar incidents.
Skelhorn also revealed that he personally covered part of the financial impact, sharing, “I just emptied my piggy bank… We keep building.”
The Metawin hack adds to a growing list of crypto security breaches this year. According to blockchain security firm CertiK, October alone saw $129.6 million in crypto losses from hacks, exit scams, and flash loan attacks.
Exploits accounted for the greatest share of stolen assets, with $127 million. This figure represents a slight increase from September but a notable decrease from the $324.7 million lost to hacks in May.
Among recent incidents, the Radiant Capital hack stands out as the largest, with the lending protocol losing over $50 million in assets. Other notable attacks include a $36-million phishing incident targeting a high-value investor and a $13-million hack on M2 crypto exchange.
Disclaimer
Disclaimer: The views expressed in this article do not necessarily represent the views of BSCN. The information provided in this article is for educational and entertainment purposes only and should not be construed as investment advice, or advice of any kind. BSCN assumes no responsibility for any investment decisions made based on the information provided in this article. If you believe that the article should be amended, please reach out to the BSCN team by emailing [email protected].
Latest News
March 15, 2025
Weekly Article Recap: 3/10-3/14
March 14, 2025
Top 7 Crypto Terms You Should Know in 2025
March 14, 2025
Latest Bitcoin Analysis: Russian Oil and US ETFs
March 14, 2025
Kaspa (KAS) vs Ripple (XRP): Head-to-Head Comparison
March 14, 2025
Solaxy and the SOLX Token Explained: An L2 on Solana
March 14, 2025
Analyzing PiChainMall and its Role in Pi Network’s Ecosystem
March 14, 2025
Four.Meme Launches $10M Ecosystem Fund: Key Details
March 14, 2025
JasmyCoin Goes Multichain With Chainlink CCIP: Details