Kronos Research - REKT

Deja-vu, anyone?

Market maker Kronos Research lost $26M over the weekend, leading to liquidity issues on closely-associated CEX, Woo X.

The Taiwan-based trading firm admitted to having suffered an attack via “unauthorized access of some of our API keys”.

A later update confirmed the amount lost, adding “despite it being a sizable amount, Kronos remains in good standing. All losses will be covered internally, no partners will be affected”.

According to Woo X, Kronos was the exchange’s largest LP, so when their trading was halted following the hack, Woo X decided to pause markets in order to “protect users positions from a lack of liquidity”.

Users were not happy.

A market maker taking heavy losses and disrupting their partner exchange…

…where have we heard that before?

Credit: X-explore

Kronos Research accounts on four exchanges (across ETH and BSC) began to be drained at approximately 5PM UTC on Saturday.

As well as being transferred directly to the hacker’s address (from OKX and BTSE), funds flowed from CEX wallets, via Kronos’ address and then to the hacker (from Binance and Deeocoin). This was likely due to whitelist restrictions on the addresses to which CEX withdrawals could be made.

Attacker address: 0x2b0502FDab4e221dcD492c058255D2073d50A3ae

A full breakdown of the assets, exchanges and chains can be seen in the flowchart below:

This is not the first time Kronos has had issues, as reported in August:

Two engineers who were dissatisfied with the unpaid bonus tampered with the code of the crypto quantitative trading team Kronos Research before leaving, causing the company to lose $1.4m

Nor is it the first time API leaks have led to losses from CEX accounts.

But perhaps the most interesting aspect of this story is the eerily familiar relationship between Kronos and Woo X.

Have users learned nothing from last November?

Previously boasting of an Alameda/FTX/FTT type setup while half-heartedly claiming to be credibly separate entities…

With so much in common with the drama that marked the lowest point of the bear market, perhaps we’re coming full circle.

We all know crypto is cyclical.

So this must mean we're back, right?

REKT serves as a public platform for anonymous authors, we take no responsibility for the views or content hosted on REKT.

donate (ETH / ERC20): 0x3C5c2F4bCeC51a36494682f91Dbc6cA7c63B514C

disclaimer:

REKT is not responsible or liable in any manner for any Content posted on our Website or in connection with our Services, whether posted or caused by ANON Author of our Website, or by REKT. Although we provide rules for Anon Author conduct and postings, we do not control and are not responsible for what Anon Author post, transmit or share on our Website or Services, and are not responsible for any offensive, inappropriate, obscene, unlawful or otherwise objectionable content you may encounter on our Website or Services. REKT is not responsible for the conduct, whether online or offline, of any user of our Website or Services.