Mixin – a cross-chain peer-to-peer network for crypto transfers – has become the latest victim of cryptocurrency thieves. Post on Xthe network announced that it was the victim of a hack on September 23, and the funds involved reached $200 million.
According to Mixin’s statement, hackers compromised the network’s cloud service provider’s database. Founder Feng Xiaodong has announced a compensation plan that will initially return 50% of users’ assets.
Based on the exploiters’ publicly disclosed addresses, Elliptic’s internal analysis suggests that the stolen funds consist of $95.3 million in Ether (ETH), $23.7 million in Bitcoin (BTC), and $23.6 million in Tether (USDT).
The chart below shows these values compared to Mixin’s the last financial report, released at the end of July. Assuming this statement remained largely representative of Mixin’s holdings at the time of the attack, the hackers now own 9% of Mixin’s BTC, 71% of his ETH, and 93% of his USDT.
The hackers have yet to launder the funds, but they sent the stolen USDT through the Uniswap decentralized exchange to recover the Dai stablecoin. Like USDT, Dai is pegged 1:1 to the US dollar. However, unlike Tether, Dai cannot be frozen. Therefore, it is common practice for hackers who steal USDT to immediately exchange it for Dai or other assets that cannot be frozen.
Elliptic previously discussed this washing typology in its introductory section “The state of cross crime” report, which covers the growing criminal exploitation of decentralized exchanges and other decentralized anonymous exchange protocols, such as cross-bridges and coin exchange services.
As demonstrated by the activity of the Mixin hacker following the theft, cross-crime remains a very relevant and ongoing threat to the virtual asset business. To that end, we’ve prepared an update to this report focusing on the latest cross-chain typologies, many of which have been used in Mixin-like hacks. You can pre-register here to receive the report as soon as it is published.
Elliptic has taken immediate action to ensure that the wallets associated with the Mixin theft are flagged and available for review with our tools. Elliptic users will be able to ensure that they are protected from inadvertent processing of funds stolen through this hack if and when the perpetrators attempt to cash out.
Global Crypto Crime Articles