- Taipei-based market maker Kronos Research recently suffered a major security breach.
- Kronos Research is currently engaged in negotiations with the hacker.
- Operations on Kronos Research are still suspended.
The unrelenting trend of cyberattacks in the blockchain ecosystem has posed a formidable challenge, resulting in substantial fund losses for investors and entities. In response to the escalating threats, industry experts and firms are devising new strategies to facilitate asset recuperation.
On November 19, Kronos Research fell victim to a significant cyber attack that siphoned off approximately $26 million, predominantly in Ether (ETH). The market maker has now negotiated with the attacker to mitigate the attack’s impact.
A 10% Bounty In return for Your Ill-Gotten Gains
On Tuesday, November 28, crypto trading firm Kronos Research offered a 10% white hat bounty to the hacker responsible for the cyber attack it experienced. The proposal outlined Kronos’ demands for reimbursing 90% of the stolen assets, totaling approximately $24 million, with the concession that the hacker retains 10% of the funds.
The market maker expressed willingness to drop all legal action against the attacker if its outlined terms are met.
“We acknowledge the complexity of the situation and are prepared to negotiate a resolution. We propose a 10% bounty of any funds stolen, with the remaining 90% to be returned, in which case we will not pursue this further. This offer stands until Nov 30th 08:00 UTC.”
While there has been no response or comment from the attacker at the time of writing, a potential recovery could see the restoration of Kronos Research’s financial health and the stability of its operations.
What Happened to Kronos Research?
On Sunday, November 19, Kronos Research announced that it had fallen victim to a security breach, allowing a malicious actor unauthorized access to its API keys.
The total losses resulting in the breach were summed to have exceeded $26 million, and Kornos Research assured that the losses would be covered internally to ensure no impact on partners.
In response to the attack, platform operations were temporarily suspended, which Kronos Research emphasized was a first since 2018.
On the Flipside
- On-chain negotiations have become the standard method of resolving blockchain hacks.
- KyberSwap, an Ethereum-based multi-chain platform that fell victim to a $46 million cyber heist, also offered a 10% bounty to its attacker.
- In 2023, over 16 cryptocurrency and blockchain entities have fallen victim to cyber-attacks.
Why This Matters
The increasing frequency of cybersecurity challenges within the industry has resulted in the loss of over $420 million, underscoring the industry’s vulnerability and difficulty in aligning with its proclaimed “trustless” nature.
To find out more about the KyberSwap attack, which drained over $46 million, read here:
KyberSwap Attacker Taunts Protocol With Step-By-Step Guide
Standard Chartered Bank joins China in its CBDC Pilot program. Read more:
Standard Chartered Drives E-Yuan Trading in China’s CBDC Test