The Abu Dhabi-based M2 cryptocurrency exchange suffered a significant security breach, resulting in the theft of millions of Bitcoin (BTC), Ethereum (ETH), and Solana (SOL). The exchange has already reimbursed affected customers.
A hacker has drained M2 exchange hot wallets to $13.7 million. That said, M2 was quick to remedy the situation. At 3:32 AM – 16 minutes after the attack – it reported the situation was “resolved” and all customer funds were reimbursed to customers.
That said, M2 didn’t provide details on what “enhanced security” it has implemented. A security update writes :
“We are dedicated to upholding the highest standards of security and compliance, and we are actively cooperating with relevant legal and regulatory authorities to ensure this matter is dealt with thoroughly and appropriately.”
M2 is a relatively new crypto exchange that launched in the United Arab Emirates (UAE) in November 2023. It’s a small exchange with around $45,000 in 24-hour trading volumes.
This is perhaps to its fortune, as hackers could have made off with significantly more crypto. However, it is not ideal for a crypto platform to be hacked and compromised for millions of dollars.
Typically, a platform will produce a post-mortem of the event, outlining the nature of the attack. It will usually detail the vectors used by the hacker and—usually in granular detail—explain how they intend to fix the vulnerabilities. M2 has yet to do so.
Cryptocurrency platforms and services are always under attack, and not even U.S. government-linked crypto wallets are safe from the paws of cybercriminals.
Earlier in October, Web3 security firm CertiK published a report that revealed an estimated $750 million worth of crypto had already been lost to crypto hacks in Q3 of 2024.
So far, 2024 has seen approximately $2 billion in losses to crypto hacks, which will unfortunately grow by year’s end.