ign-news

MetaWin Lost $4M Due to Cyberattack

On November 3, 2024, the online casino MetaWin suffered a major cyberattack, resulting in the withdrawal of $4 million from the platform’s hot wallets. The hacker exploited vulnerabilities in the simplified withdrawal system, reigniting concerns about the security of digital assets in the crypto-gambling sector.

Breach of Hot Wallets and Money Laundering

The hacker targeted MetaWin’s hot wallets, which are used for quick transactions. They exploited weaknesses in the system to make unauthorized withdrawals and transferred the stolen Ethereum (ETH) and Solana (SOL) to exchanges like KuCoin and HitBTC, utilizing a complex network of 115 addresses to obfuscate their trail.

Blockchain expert ZackXBT helped trace the movement of the stolen funds, but the identity of the hacker remains unknown. This incident highlights the risks associated with hot wallets: while convenient, they are more vulnerable than cold storage solutions.

MetaWin’s Response and Fund Recovery

Immediately after discovering the attack, MetaWin suspended all withdrawals to minimize damage. The company’s CEO, Richard “Skel” Skelhorn, stated that 95% of the stolen funds had been recovered, allowing most users to regain access to their assets. Skelhorn personally contributed some of his own funds to help restore balances, a step aimed at rebuilding customer trust.

Additionally, MetaWin announced plans to strengthen its security by implementing more robust measures to protect user funds. The company is actively collaborating with law enforcement and cybersecurity experts to investigate the breach.

Growing Threats in Crypto-Gambling

The MetaWin attack is part of a larger trend of cybercrimes in the cryptocurrency space. According to Cryptorank, total losses due to hacks, flash loan attacks, and scams exceeded $129 million in October 2024 alone.

Recent incidents, such as the $50 million theft from Radiant Capital and the $13 million hack of crypto exchange M2, underscore the increasing vulnerabilities of digital assets. In July 2024, the Lazarus hacking group breached the crypto casino Stake, stealing over $41 million.

This case once again demonstrates that as the crypto industry grows, so do its threats. Moving forward, platforms are expected to invest in hybrid security solutions, combining the convenience of hot wallets with the security of cold storage. Additionally, regulatory compliance and thorough security audits will play a crucial role in safeguarding digital assets from future attacks.