M2, a crypto exchange based in the United Arab Emirates, suffered a significant security breach that resulted in the loss of $13.7 million in digital assets.
In a statement on November 1, the exchange revealed that the incident occurred on October 31 at around 3:16 a.m., noting that although its team responded quickly to the attack, the breach nonetheless resulted in a loss substantial assets.
Although the exchange provided limited details about the breach, blockchain security firm Cyvers said the theft occurred at three addresses on the Bitcoin, Ethereum and Solana networks.
Cyvers explained that a suspicious address received approximately $3.7 million in USDT, 97 million in SHIB, and 1,378 ETH. This address converted all of these assets to ETH, with losses estimated at around $13 million. Currently, there is $10 million left on the Ethereum network.
However, M2 assured customers that the situation had been resolved and all affected funds had been fully returned. With this resolution, the company said its services are operating as usual and have been reinforced with enhanced security controls.
Additionally, M2 emphasized its commitment to customer protection, taking full responsibility for potential losses and working closely with authorities during the investigation. He declared:
“We are actively cooperating with the relevant legal and regulatory authorities to ensure that this matter is addressed thoroughly and appropriately.”
CEX exploitation on the rise
Cyvers commented at CryptoSlate that this attack is part of a worrying trend of increasing security vulnerabilities in cryptography.
According to the company, crypto projects lost more than $2 billion to hacking in the first three quarters of 2024 alone, outpacing all of 2023 and marking a 72% year-over-year increase. other.
Cyvers highlighted that centralized finance (CeFi) platforms saw a nearly 1,000% increase in security incidents year-over-year, while DeFi platforms reported a 25% decrease in losses. However, they remain at risk due to the complexity of smart contracts and protocols.
For this reason, the company advised crypto projects to implement strict security measures, including advanced access controls, AI-based real-time monitoring, regular audits, security detection systems, threats and a clear incident response plan.
