GDAC Incident Analysis

2023-04-14, CertiK
On the morning of 10 April, South Korean exchange GDAC announced on their website that their exchange wallets had been compromised, leading to the loss of $13 million worth of cryptocurrency. The company disclosed that this loss amounted to 23% of all of the exchange's holdings. Whilst unconfirmed at the time of writing, this incident was highly likely due to a private key compromise, which would make it the largest such incident in 2023.
Whilst GDAC announced on 10 April that their exchange was exploited, the incident likely began around 06:36 PM UTC on 8 April on the Ethereum network. At this time, 0.5 ETH was transferred to a hacker's address as a possible test. Approximately six minutes later, the majority of the ETH in externally owned address (EOA) 0x9f474, which CertiK have confirmed belongs to GDAC, was transferred to three separate wallets.
Image: Historical Ether balance of compromised GDAC wallet. Source: Etherscan
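The sequence described above, a small outflow to an unfamiliar address followed minutes later by transfers that empty most of the wallet, can be written as a hot-wallet monitoring rule. The following is an added example, not code from CertiK or GDAC; the record fields, thresholds, allowlist, starting balance and every address and amount other than the 0.5 ETH probe and the six-minute gap are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample data. Only the 0.5 ETH probe and the ~6 minute gap come
# from the article; addresses, balance and other amounts are placeholders.
T0 = datetime(2023, 4, 8, 18, 36, tzinfo=timezone.utc)
SAMPLE_TRANSFERS = [
    {"time": T0 - timedelta(hours=5), "to": "0xKNOWN_COLD", "eth": 40.0},
    {"time": T0, "to": "0xNEW_A", "eth": 0.5},
    {"time": T0 + timedelta(minutes=6), "to": "0xNEW_B", "eth": 300.0},
    {"time": T0 + timedelta(minutes=6, seconds=24), "to": "0xNEW_C", "eth": 350.0},
    {"time": T0 + timedelta(minutes=7), "to": "0xNEW_D", "eth": 250.0},
]
ALLOWLIST = {"0xKNOWN_COLD"}  # hypothetical set of approved destinations


def find_probe_then_drain(transfers, start_balance, allowlist,
                          probe_max_eth=1.0, window=timedelta(minutes=30),
                          drain_fraction=0.5):
    """Flag a small outflow to a non-allowlisted address that is followed,
    within `window`, by non-allowlisted outflows totalling at least
    `drain_fraction` of the balance held just before the probe."""
    alerts = []
    balance = start_balance
    ordered = sorted(transfers, key=lambda t: t["time"])
    for i, tx in enumerate(ordered):
        balance_before = balance
        balance -= tx["eth"]  # track the running balance across all outflows
        if tx["to"] in allowlist or tx["eth"] > probe_max_eth:
            continue  # not a candidate probe
        followers = [t for t in ordered[i + 1:]
                     if t["time"] - tx["time"] <= window
                     and t["to"] not in allowlist]
        drained = sum(t["eth"] for t in followers)
        if balance_before > 0 and drained / balance_before >= drain_fraction:
            alerts.append({
                "probe_time": tx["time"],
                "probe_to": tx["to"],
                "drained_eth": drained,
                "recipients": sorted({t["to"] for t in followers}),
                "fraction": drained / balance_before,
            })
    return alerts


if __name__ == "__main__":
    for alert in find_probe_then_drain(SAMPLE_TRANSFERS, 1000.0, ALLOWLIST):
        print(alert)
```

Because the rule only fires once the larger transfers are already visible, it supports fast response and tracing rather than prevention; alerting on the probe alone (any outflow to a non-allowlisted address) is the earlier signal.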
Additionally, …