Security

Web3 security firm identifies activity similar to Kraken breach on OKX, BingX, Gate.io and Binance

  • Hexagate, a Web3 security firm, has identified on-chain activity similar to CertiK in Kraken’s case.
  • Security firm detected this across Base, BNBChain, Optimism, Arbitrum, Avalanche, LineaBuild and Polygon.
  • Hexagate states there is no evidence that exchanges have been impacted, shows on-chain proof, alerting users.

Security-focused ranking platform CertiK identified itself as the “white-hat” hacker behind the $3 million Kraken hack. The exchange is treating the case as a criminal exploit, and law enforcement is attempting to recover funds.

While the security firm defended its actions on X (crypto Twitter), it claims to have faced “extortion” from the exchange.

Web3 security firm sees activity identical to Kraken on other exchange platforms

Web3 security firm Hexagate has identified on-chain activity similar to CertiK’s interaction with the Kraken exchange platform across different chains: Base, BNBChain, Optimism, Arbitrum, Avalanche, LineaBuild and Polygon.

While the platform notes that exchange platforms may not have been impacted and presents no evidence for the same, it shows proof of the on-chain activity in a series of tweets on X. The firm lists exchange platforms like OKX, BingX, Gate.io and Binance.

The firm notes that the activity was traced back to May 17.

Post the @krakenfx breach, we’ve detected similar activity on @base, @BNBCHAIN, @Optimism, @arbitrum, @avax, @LineaBuild and @0xPolygon trying to target @okx, @BingXOfficial, @gate_io, and @binance and others and some unknown addresses, with matching signature hashes.

NOTE: We… pic.twitter.com/JyMZy0Uira

— Hexagate (@hexagate_) June 20, 2024

CertiK informed the community of multiple bugs as part of the investigation and assessed the scope of the exchange’s vulnerability. CertiK says it’s behind Kraken’s $3 million bug exploitation.

For sharing the actual evidence of the on-chain activity, Hexagon was slammed for sharing the information in tweets. The firm defended themselves, noting that the incident was publicly known.

Guys, I know you want to showcase your solution but if there is actually an attack going on then it’s reckless to comment on it publicly before the named parties responded to your disclosure.

— Oliver | Hats (@0xAngler) June 20, 2024

This incident is publicly known and was publicly announced by the companies themselves with their evidence. All we did is traced onchain similar attempts of the same thing that was shared on CT. We waited more than a day to share – we never post if there is any threat to funds.

— Hexagate (@hexagate_) June 20, 2024

FXStreet reached out to OKX, BingX, and Gate for comments but did not receive any before publishing.

Source

Click to rate this post!
[Total: 0 Average: 0]
Show More

Leave a Reply

Your email address will not be published. Required fields are marked *