Over $2.7 million was withdrawn from the Remitano exchange’s wallet by a single account in a series of suspicious transactions.
On September 14, the cryptocurrency exchange Remitano encountered large withdrawals under suspicious circumstances, leading some blockchain analysts to conclude that it may have been compromised.
Cryptocurrency worth $2.7 million has been withdrawn via suspicious transactions. Tether has frozen a purported address used by the attacker, potentially protecting $1.4 million worth of customer crypto.
On September 14, at approximately 12:45 p.m., a known Remitano hot wallet began transmitting funds to an address without previous activity. About $1,400,000 worth of Tether USD coins and $1.00104,000 Ankr tokens (valued at $2,000 at the time) were transferred to address 0x74530e81E9f4715c720b6b237f682CD0e298B66C.
The blockchain analytics platform Cyvers has alerted the cryptocurrency community about the allegedly suspicious transactions.
🚨ALERT🚨 Our ML-driven system has detected multiple anomalous transactions with @remitano exchange, resulting in a total loss of $2.7M across 3 chains. We contacted the team to halt any additional losses and initiate efforts to recover suspected stolen funds #CyversAlert
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) September 14, 2023
Tether subsequently blocked the address to prevent the attacker from withdrawing USDT, avoiding the transfer of $1.4 million of the stolen cryptocurrency. Remitano has not yet commented on the incident.
Remitano is a peer-to-peer cryptocurrency exchange and payment processor geared toward emerging markets. Users in Pakistan, Ghana, Venezuela, Cambodia, Kenya, Malaysia, India, South Africa, Vietnam, and Nigeria are supported.
A rash of crypto exchange breaches in 2023 resulted in the disclosure of private keys and the theft of funds. U.S. authorities assert that the Lazarus Group, a cybercrime organization believed to have connections to the North Korean government, was responsible for these attacks.
On September 4, the group purportedly stole $41 from the gambling website Stake, and on September 12, they drained $27 million from CoinEx.