A cybercriminal successfully obtained $25 million from Kronos Research, a quantitative trading firm, by obtaining their API keys.
On Nov. 19, the firm reported that someone unauthorized had accessed their API keys, leading them to suspend trading services on their platform.
No financial losses were initially reported. However, upon further investigation performed by blockchain investigator ZachXBT, it was discovered that the hacker had moved the stolen funds into six different crypto wallet addresses.
The transactions, which totaled 12,800 ETH, were made from a Kronos Research account to addresses belonging to the hacker.
The firm has since halted trading services indefinitely while they conduct internal investigations to identify the perpetrator.
Despite the significant loss, Kronos Research remains optimistic and plans to resume trading as soon as possible.
They reassured their clients that the stolen funds were not a considerable portion of their equity.