M2, a UAE-based crypto exchange, experienced a significant security breach that resulted in the loss of $13.7 million in digital assets.
In a Nov. 1 statement, the exchange disclosed that the incident occurred on Oct. 31 at approximately 3:16 A.M., noting that while its team responded swiftly to the attack, the breach still led to a substantial asset loss.
Although the exchange provided limited specifics on the breach, blockchain security firm Cyvers stated that the theft occurred across three addresses on the Bitcoin, Ethereum, and Solana networks.
Cyvers explained that a suspicious address had received approximately $3.7 million in USDT, 97 million SHIB, and 1,378 ETH. This address converted all these assets into ETH, with estimated losses totaling around $13 million. Currently, $10 million remains on the Ethereum network.
However, M2 assured customers that the situation had been resolved and that all affected funds had been fully restored. With this resolution, the firm stated that its services are operating as usual and have been bolstered by enhanced security controls.
Further, M2 emphasized its commitment to customer protection, assuming full responsibility for potential losses and working closely with authorities on the investigation. It stated:
“We are actively cooperating with relevant legal and regulatory authorities to ensure this matter is dealt with thoroughly and appropriately.”
CEXs exploit on the rise
Cyvers commented to CryptoSlate that this attack is part of a worrying trend of increasing security breaches in crypto.
According to the firm, crypto projects have lost more than $2 billion to hacks in the first three quarters of 2024 alone, surpassing all of 2023 and marking a 72% year-on-year increase.
Cyvers pointed out that centralized finance (CeFi) platforms have seen a nearly 1,000% spike in security incidents year over year, while DeFi platforms reported a 25% decrease in losses. However, they remain at risk due to the complexities of smart contracts and protocols.
Due to this, the firm advised crypto projects to implement strong security measures, including advanced access controls, AI-driven real-time monitoring, regular audits, threat detection systems, and a clear incident response plan.
