Deribit $28 Million Hot Wallet Hack Analysis
Contents
Deribit’s $28 Million Hot Wallet Hack Analysis | QuillAudits
Summary:
On the 1st of November 2022, Deribit Exchange was hacked for $28 Million. The attacker compromised Deribit’s BTC, ETH, and USDC hot wallets and drained around $28 Million worth of cryptocurrencies. Deribit temporarily halted withdrawals and further announced that client assets were not affected.
Deribit Exchange:
Deribit is a leading cryptocurrency futures and options exchange that enables crypto traders to execute derivatives trading strategies for various Cryptocurrencies. Deribit offers derivatives products for bitcoin and Ether.
Hack Details:
Hot Wallets: Web-based wallets, mobile wallets, and desktop wallets are all typically hot wallets. Among them, web wallets are the least secure, though all crypto hot wallets are vulnerable to online attacks.
Deribit’s Hot Wallet was compromised which led to the draining of funds by the attacker. There are many possible ways in which these hot wallets could have been compromised like Online Malware, Seed phrase leaks, social engineering, keyloggers, …
Summary:
On the 1st of November 2022, Deribit Exchange was hacked for $28 Million. The attacker compromised Deribit’s BTC, ETH, and USDC hot wallets and drained around $28 Million worth of cryptocurrencies. Deribit temporarily halted withdrawals and further announced that client assets were not affected.
Deribit Exchange:
Deribit is a leading cryptocurrency futures and options exchange that enables crypto traders to execute derivatives trading strategies for various Cryptocurrencies. Deribit offers derivatives products for bitcoin and Ether.
Hack Details:
Hot Wallets: Web-based wallets, mobile wallets, and desktop wallets are all typically hot wallets. Among them, web wallets are the least secure, though all crypto hot wallets are vulnerable to online attacks.
Deribit’s Hot Wallet was compromised which led to the draining of funds by the attacker. There are many possible ways in which these hot wallets could have been compromised like Online Malware, Seed phrase leaks, social engineering, keyloggers, …
IoC
58f56615180a8eea4c462235d9e215f72484b4a3
8d08aad4b2bac2bb761ac4781cf62468c9ec47b4
b0606f433496bf66338b8ad6b6d51fc4d84a44cd
8d08aad4b2bac2bb761ac4781cf62468c9ec47b4
b0606f433496bf66338b8ad6b6d51fc4d84a44cd