CoinPoker Loses $2 Million in 2000 ETH Hot Wallet Hack

The blockchain-based poker system CoinPoker’s hot wallet had been hacked on 8th November which caused the loss of nearly 2000 ETH, or around 2 million USD. These attacks targeted wallets or access to a wallet bypassing wallet safeguards, and funnelling money through multiple transactions in an organized manner, that targeted Ethereum, BSC, and Polygon.  

Flight of the Attack

According to the comprehensive report by Cyvers alerts, the hack started with a $10K USDT transfer on Ethereum, possibly to check on the system’s susceptibility. Custodial policies limiting the amount of money being transferred were evident from the fact that the hacker undertook 82 transactions within 50 minutes of attacks, all with transaction values not exceeding $25,000. This approach made it difficult to detect the activity immediately while constantly reducing the utilization of the wallet.  

The Ethereum and Polygon bridged amounts went through Tornado Cash laundering whereas BSC directly deposited its amount to the mixer. The attacker divided transactions into small sizes and made good use of Tornado Cash to ensure that the assets stolen from the network would be almost untraceable.

Coinpoker’s Security and Custodial Challenges

The platform uses the custody solution, such as Fireblocks, prioritizes security measures, including the multi-party computation (MPC) and Proof of Reserves. Nonetheless, the said event exposed deficiencies in the security of custody. Whether Fireblocks was used to manage the sawed-off wallet or there is another solution, it is clear that the problem requires more proactive protection.

The attack indicates that proper access controls and monitoring solutions should be applied to hot wallets properly. Using policies like incremental transfer and refined laundering methods, the funds became practically undetectable to reinstate.  

The CoinPoker hack is an excellent reminder for the crypto community about the importance of improving the security of wallets and exercising a more careful approach to the work of custodians. 


Earn more PRC tokens by sharing this post. Copy and paste the URL below and share to friends, when they click and visit Parrot Coin website you earn: https://parrotcoin.net0


PRC Comment Policy

Your comments MUST BE constructive with vivid and clear suggestion relating to the post.

Your comments MUST NOT be less than 5 words.

Do NOT in any way copy/duplicate or transmit another members comment and paste to earn. Members who indulge themselves copying and duplicating comments, their earnings would be wiped out totally as a warning and Account deactivated if the user continue the act.

Parrot Coin does not pay for exclamatory comments Such as hahaha, nice one, wow, congrats, lmao, lol, etc are strictly forbidden and disallowed. Kindly adhere to this rule.

Constructive REPLY to comments is allowed

Leave a Reply