On November 18th, Kronos Research, a crypto trading firm, fell victim to an unauthorized API access incident, leading to the theft of digital assets worth $26 million.
In the immediate aftermath, the company took to Twitter-X to announce the cyber-breach, which resulted in financial losses exceeding 12,800 ETH.
Kronos confirmed in a statement:
“At present, we can confirm that the losses are about $26 million in crypto assets, and despite it being a sizable amount, Kronos remains in good standing. All losses will be covered internally, no partners will be affected.”
Kronos and Past Cybersecurity Breaches:
Kronos Research, a renowned cryptocurrency trading team, has had its share of cybersecurity breaches. In a previous incident, they suffered a loss of $1.4 million in 2020 due to malicious code alterations by disgruntled engineers.
No doubt, many organizations overlook the threat from within (the insider threat), trusting their employees implicitly. However, not everyone upholds moral standards, which highlights the need for organizations to incorporate the principle of least privilege in their security design, in addition to a defense-in-depth approach.
In a separate incident, Ultimate Kronos Group also fell victim to a devastating ransomware attack that disrupted payroll systems for numerous workers. This attack targeted the Kronos Private Cloud, affecting a limited number of their customers.
Impact of the November 18th Incident:
Despite the substantial loss from the incident on November 18th, 2023, the company maintains that its financial standing remains unaffected, with all losses to be covered internally. The incident has prompted the firm to suspend trading temporarily while it collaborates with exchanges and partners to manage the situation.
Security Measures Taken:
In response to the breach, Kronos Research has indicated that it may implement additional security measures such as multi-factor authentication, regular software updates, and strict access controls.
These measures aim to minimize the risk of unauthorized access to their systems and assets. Regular security audits and penetration testing may also be conducted to identify and address any vulnerabilities. However, the company has not disclosed the exact measures it will take, so this remains speculative.
FixitGearWare Security continues to advocate for the Web3 industry to enhance and fortify its physical and cloud infrastructure. This incident is just one of many attacks experienced in the crypto world, serving as a stark reminder of the need for robust security measures. We also urge our readers to always stay safe and be vigilant 🛡️!