Crypto Casino Metawin Suffers Exploit, $4M Drained

Author

Sujha Sundararajan

Author

Sujha Sundararajan

About Author

Sujha has been recognised as 🟣 Women In Crypto 2024 🟣 by BeInCrypto for her leadership in crypto journalism.

Share

Last updated:

November 4, 2024 04:00 EST

Why Trust Cryptonews

With over a decade of crypto coverage, Cryptonews delivers authoritative insights you can rely on. Our veteran team of journalists and analysts combines in-depth market knowledge with hands-on testing of blockchain technologies. We maintain strict editorial standards, ensuring factual accuracy and impartial reporting on both established cryptocurrencies and emerging projects. Our longstanding presence in the industry and commitment to quality journalism make Cryptonews a trusted source in the dynamic world of digital assets. Read more about Cryptonews

Crypto casino platform Metawin lost $4 million from its Ethereum and Solana hot wallets in a hack on November 3.

Flagged by crypto sleuth ZachXBT, the stolen funds have been transferred to Kucoin and a HitBTC nested service so far.

According to the crypto casino Metawin CEO Richard Skelhorn, the attacker exploited the platform’s “frictionless withdrawal system.” In a message on Discord, he noted that the platform temporarily paused withdrawals to access and secure systems.

“Withdrawals have been re-enabled for 95% of users, with final checks underway for the remaining accounts”, he added.

Meanwhile, ZachXBT pegged the stolen amount with 115+ theft addresses tied to the hack. At this point, the motive of the attack nor the attacker’s identity is known.

Following the hack, CEO Skelhorn noted that the platform is in the process of “topping up wallet balances.”

“We will also be implementing additional security controls for new users, while also exploring ways to maintain a flexible and seamless experience for our trusted community.”

The attack was a “challenge” to the Metawin and its community, he added. “We’re learning from it and will emerge stronger.”

Later, in an updated status, Skelhorn emphasised the company will make some “internal adjustments” to keep bad actors at bay. “I just emptied my piggy bank, we don’t dwell on it. We keep building.”

Crypto Hacks Cost Over $129M in October: CertiK

The crypto casino hack is the latest among the recent wave of high-profile cyber-attacks in the DeFi space, including the most recent Radiant Capital exploit.

Per blockchain security firm CertiK, security breaches like scams and hacks have pushed crypto losses to $129.6 million in October.

CertiK data revealed that exit scams led to $1.2 million in losses, followed by flash loan attacks causing $1.5 million losses in crypto.

On October 16, Binance-backed blockchain protocol Radiant Capital suffered over $50 million in a crypto heist, stealing various cryptocurrencies. The attackers apparently gained control of three out of eleven private keys needed for protocol upgrades.

Further, a phishing attack occurred on October 30, affecting several decentralized applications. The attack compromised the popular Lottie Player animation library, which is used by many tech companies.