The blockchain-based poker platform CoinPoker recently experienced a significant security breach on November 8th, resulting in the loss of nearly 2000 ETH, valued at approximately 2 million USD. This cyberattack targeted the platform’s hot wallet, exploiting vulnerabilities to bypass existing safeguards. The attackers executed a series of organized transactions that affected Ethereum, Binance Smart Chain (BSC), and Polygon networks.
Flight of the Attack
An in-depth report by Cyvers Alerts reveals that the attack commenced with a $10,000 USDT transfer on the Ethereum network, possibly as a probe to test the system’s defenses. Despite custodial policies designed to limit transfer volumes, the hacker managed to execute 82 transactions within a span of 50 minutes, each not exceeding $25,000. This strategic approach allowed the perpetrator to fly under the radar, gradually depleting the wallet’s resources without immediate detection.
To obscure the trail of stolen assets, the attacker used Tornado Cash to launder the Ethereum and Polygon funds, while the BSC amounts were deposited directly into a mixer. By fragmenting transactions into smaller amounts, the hacker rendered the stolen funds nearly impossible to trace.
CoinPoker’s Security and Custodial Challenges
CoinPoker employs a custody solution like Fireblocks, which emphasizes robust security measures such as multi-party computation (MPC) and Proof of Reserves. However, this incident has highlighted weaknesses in their custodial security protocols. Whether Fireblocks was responsible for managing the compromised wallet or another solution was in use, the breach underscores the necessity for more proactive and comprehensive protection strategies.
This event serves as a crucial reminder for the crypto community about the importance of implementing stringent access controls and continuous monitoring solutions for hot wallets. Because the attacker combined incremental transfers with sophisticated laundering techniques, the stolen funds became nearly indiscernible, emphasizing the need for enhanced security measures.
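The pattern described above, many transfers that each stay under a per-transaction ceiling, is what a cumulative rolling-window check on the hot wallet is meant to catch. The following is an added example, not code from CoinPoker, Fireblocks or Cyvers: the window length, volume cap and count cap are assumed policy values, and the event list is constructed to match the article's figures (a $10,000 probe, 82 transfers in under 50 minutes, none above $25,000).

```python
from collections import deque
from typing import NamedTuple

# Only the 25,000 USD per-transfer ceiling and the 82-transfers-in-50-minutes
# pattern come from the article; the window policy below is assumed.
PER_TX_LIMIT_USD = 25_000
WINDOW_SECONDS = 3600         # assumed rolling window
WINDOW_LIMIT_USD = 100_000    # assumed cumulative outflow cap per window
WINDOW_MAX_COUNT = 10         # assumed transfer-count cap per window

class Withdrawal(NamedTuple):
    ts: int       # seconds since observation start
    chain: str
    usd: float

class HotWalletMonitor:
    """Rolling-window outflow check over every chain the wallet signs for."""
    def __init__(self):
        self.window = deque()
        self.total = 0.0

    def check(self, w):
        # Expire events that have left the rolling window.
        while self.window and w.ts - self.window[0].ts >= WINDOW_SECONDS:
            self.total -= self.window.popleft().usd
        self.window.append(w)
        self.total += w.usd
        alerts = []
        if w.usd > PER_TX_LIMIT_USD:
            alerts.append("per_tx_limit")
        if self.total > WINDOW_LIMIT_USD:
            alerts.append("window_volume")
        if len(self.window) > WINDOW_MAX_COUNT:
            alerts.append("window_count")
        return alerts

def first_alert(events):
    """Return (index, alerts) for the first event tripping a rule, else None."""
    monitor = HotWalletMonitor()
    for i, w in enumerate(events):
        alerts = monitor.check(w)
        if alerts:
            return i, alerts
    return None

def constructed_events():
    # Constructed sample: one 10,000 USD probe, then 81 transfers of 24,000 USD
    # over just under 50 minutes, rotated across the three affected chains.
    chains = ("ethereum", "bsc", "polygon")
    return [Withdrawal(0, "ethereum", 10_000)] + [
        Withdrawal(37 * (i + 1), chains[i % 3], 24_000) for i in range(81)]
```

On this constructed sequence the per-transfer rule never fires, while the cumulative volume rule trips on the fifth transfer because the window is shared across all three chains rather than tracked per network.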
In light of this attack, it is imperative for platforms like CoinPoker to bolster their wallet security and adopt a more cautious approach to custodial operations. This incident not only reflects the vulnerabilities within the current system but also shows the urgent need to prioritize security enhancements to protect digital assets effectively.