Mixin Network Hack: $200M Drained From Mainnet Assets

Mixin Network has suspended all deposits and withdrawals and will restart services “once the vulnerabilities are confirmed and fixed.”

Mixin Network, a decentralized peer-to-peer network, has lost approximately $200 million in a breach involving compromising a third-party cloud service provider's database.

Mixin Network confirmed on September 25 that a breach on September 23 removed approximately $200 million worth of cryptocurrency from its mainnet. Following the disclosure, all deposit and withdrawal services on Mixin Network were immediately suspended.

[Announcement] In the early morning of September 23, 2023 Hong Kong time, the database of Mixin Network's cloud service provider was attacked by hackers, resulting in the loss of some assets on the mainnet. We have contacted Google and blockchain security company @SlowMist_Team…

— Mixin Kernel (@MixinKernel) September 25, 2023

Mixin Network appointed blockchain experts, SlowMist and Google to assist in investigating the hack while the Mixin team endeavors to recover.

Mixin held $94,48 million in ETH during the hacking. $23.55 million invested in Dai DAI and $23.3 million in Bitcoin, According to a PeckShield investigation conducted separately. The total value of the portfolio was $141,32 million.

Deposits and withdrawals will resume on Mixin Network “once the vulnerabilities are confirmed and fixed.” Plans to recover the missing assets for users were later announced.

While it was initially promised that Mixin founder Feng Xiaodong would explain this incident in a public Mandarin livestream on September 25 at 1:00 p.m... Hong Kong Time, official social media channels such as X (formerly Twitter), and its official website Mixin. The network did not provide links to the live stream.

Vitalik Buterin, co-founder of Ethereum, was recently the victim of a cyberattack that compromised his social media profile on X.

Buterin verified he was a victim of a SIM swap attack after “someone socially engineered T-Mobile itself to take over my phone number.” SIM swap or sim jacking attacks seek to take control of the victim's mobile number and use two-factor authentication to access their social media, banking, and cryptocurrency accounts.