Crypto casino Metawin gets hacked, over $4 million stolen in SOL and ETH

Source Cryptopolitan

Metawin, a crypto casino, got hit hard today. Hackers exploited it for more than $4 million in Ethereum (ETH) and Solana (SOL).

On-chain sleuth ZachXBT flagged the incident on Telegram, saying, “Looks like the crypto casino Metawin was exploited for $4M+ on Ether and SOL earlier today.” He traced over 115 addresses linked to the attacker, who then moved the stolen funds to KuCoin and a nested service on HitBTC.

This latest hack adds to a string of high-profile thefts that have plagued the DeFi sector, making October one of the bloodiest months for crypto security breaches.

The month saw 20 reported crypto attacks, causing a combined loss of around $88.47 million. This flood of exploits highlights ongoing vulnerabilities in the decentralized finance (DeFi) space, where hackers seem to outmaneuver security upgrades at every turn.

October’s biggest hacks

Radiant Capital experienced October’s worst single hack. On October 17, attackers exploited weak points in Radiant’s smart contracts, swiping $53 million.

Using cross-chain protocols, hackers bridged the stolen assets to Ethereum, making the theft difficult to trace. Radiant’s massive breach added fuel to concerns over DeFi’s cross-chain vulnerabilities.

Then there was a wallet linked to the U.S. government, which saw an unusual incident. Hackers compromised the wallet, snatching about $20 million.

Strangely, most of the funds were returned, though around $700,000 remains missing. It’s not every day that a government-controlled wallet gets hacked, adding a bizarre twist to October’s crime spree.

EigenLayer, a liquid staking network, faced its own mess earlier in the month. On October 4, attackers looted $5.7 million, which was quickly laundered through exchanges like HitBTC and Bybit. This breach underscored the persistent weaknesses in staking and liquidity protocols.

The Tapioca Foundation, another DeFi platform, suffered a major loss. Hackers targeted its token vesting contract using social engineering tactics, managing to steal $4.7 million.

And we can’t leave out Sunray Finance, which lost $2.86 million. Attackers manipulated token values on the Arbitrum chain, causing Sunray’s SUN token to nosedive. Another stark reminder of how fragile DeFi platforms can be, especially when attackers play with token values directly.

A billion-dollar problem

As of November 2024, total losses from crypto hacks have hit over $1.4 billion, spanning 179 incidents. Although this year has seen fewer individual attacks than in past years, the average loss per hack is climbing. The stakes are higher, and the attacks keep getting bolder and costlier.

In Q3 alone, hackers stole around $750 million across 155 incidents. That’s fewer attacks but larger hauls. Each hack averaged a staggering $5.93 million in stolen assets, with a median loss of around $120,529. These numbers show a troubling trend where even a single breach can cripple platforms or wipe out users.

Phishing attacks remain a go-to method. During Q3, phishing was behind $343 million in losses across 65 incidents. Hackers often trick users into handing over their keys or clicking malicious links, and the results are predictable and devastating.

Another classic is private key compromises. These attacks caused around $317 million in losses from just ten incidents. Poor key management remains a glaring issue in crypto. If you hold the keys, you hold the money—and hackers know it.

Other techniques like code vulnerabilities and re-entrancy exploits keep popping up too. These methods exploit flaws in smart contract code, allowing hackers to drain funds by initiating multiple contract calls in a single transaction. It’s been a favorite trick for years, and it’s still working.

Each of these attacks, from Radiant Capital’s $53 million breach to Metawin’s $4 million heist, lays bare the challenges in securing decentralized finance. Stopping the hackers would require platforms to step up their defenses and stop treating security as an afterthought.

Disclaimer: For information purposes only. Past performance is not indicative of future results.
placeholder
Bitcoin Pattern Breaks: Price Near ATH, But HODLers Still Not SellingOn-chain data shows HODLing behavior remains dominant among the Bitcoin investors despite the fact that the price is near the all-time high (ATH).
Author  Bitcoinist
Jul 04, Fri
On-chain data shows HODLing behavior remains dominant among the Bitcoin investors despite the fact that the price is near the all-time high (ATH).
placeholder
Unlocking Future Growth? Alibaba Raises $1.53 Billion via Zero-Coupon Bond to Boost Cloud and Global ExpansionOn July 4, Alibaba Group announced the successful completion of its zero-coupon exchangeable bond issuance , raising HKD 12.023 billion (approximately USD 1.53 billion).
Author  TradingKey
Jul 04, Fri
On July 4, Alibaba Group announced the successful completion of its zero-coupon exchangeable bond issuance , raising HKD 12.023 billion (approximately USD 1.53 billion).
placeholder
Silver Price Forecast: XAG/USD consolidates right below $37.00 in risk-off marketsSilver consolidates the previous two days' gains and remains pinned near $37.00.
Author  FXStreet
Jul 04, Fri
Silver consolidates the previous two days' gains and remains pinned near $37.00.
placeholder
USD/JPY slumps to near 144.30 as Yen’s safe-haven demand increasesThe USD/JPY pair falls over 0.4% to near 144.30 during European trading hours on Friday.
Author  FXStreet
Jul 04, Fri
The USD/JPY pair falls over 0.4% to near 144.30 during European trading hours on Friday.
placeholder
Non-Farm Payrolls Deflate Rate Cut Hopes with 147,000 New JobsOn Thursday in the US, a stronger-than-expected June non-farm payroll report dashed hopes for a rate cut in July.
Author  TradingKey
Jul 04, Fri
On Thursday in the US, a stronger-than-expected June non-farm payroll report dashed hopes for a rate cut in July.
goTop
quote