Kronos Research Promises $2.5M to Hacker but There’s Catch

On Nov 28, 2023 at 11:19 am UTC by · 2 mins read
an image

A recent message that Kronos sent to the hacker shows the firm requesting that the attacker return 90% of the stolen funds. 

Cryptocurrency trading firm Kronos Research has extended what seems like a good-faith gesture to its recent hacker. In mid-November, the Taipei-based investment firm was exploited via stolen API keys.

The crypto trading firm has since taken to its official X page to announce the security breach. It said the breach saw the hacker making away with a total of $25 million, a significant loss for the platform.

In an attempt to calm its users, Kronos issued the following statement via an X post:

“At present, we can confirm that the losses are about $26 million in crypto assets, and despite it being a sizable amount, Kronos remains in good standing. All losses will be covered internally, and no partners will be affected.”

Interestingly, it looks like one way that Kronos intends to cover the losses “internally” is by negotiating with the attacker. A recent message that Kronos sent to the hacker shows the firm requesting that the attacker return 90% of the stolen funds.  This means that they get to keep the remaining 10% to themselves. Kronos also promises that there would be no further action from its end once these conditions are met, Etherscan reveals.

It is not exactly clear whether or not the hacker will choose to return the funds. However, Kronos may have subtly suggested in its message that failure to do so would result in the involvement of relevant authorities on the matter.

Kronos Research Hack: Another Proof of a Growing Trend of Hacker Negotiations

It is worth mentioning that the unfolding events in the Kronos hack point to the fact that public, on-chain negotiations between hackers and their victims have become increasingly common.

Just as with Kronos, KyberSwap also recently gave 10% away to an attacker who recently stole funds from the decentralized exchange. Similarly, Curve Finance did the same in August. It negotiated with hackers via transaction signing and also gave out the same 10%.

Whatever might be the case, these occurrences are gradually becoming a trend. A trend where firms may just unknowingly be encouraging continued bad acting without any serious consequences to these hackers.

To put the above statement into perspective, over $1.2 billion has been stolen from Decentralized Finance (DeFi) protocols. That is so far in 2023 alone, according to DeFiLlama.

Share:

Related Articles

Binance Warns Users of Rising SMS Phishing Scams, Promises New Security Measures

By February 26th, 2025

Binance has alerted users to the rising threat of SMS phishing attacks where scammers manipulate sender information to appear legitimate, emphasizing the exchange never contacts users through SMS channels.

BREAKING: Bybit’s Ethereum Cold Wallet Hacked in $1.46B Breach—One of the Largest Ever

By February 21st, 2025

Bybit CEO Ben Zhou reassured users, stating that even if the stolen funds are not recovered, Bybit can cover the losses.

MetaMask Cautions Crypto Traders Against Memecoin FOMO Ahead of 2025 Altseason

By January 20th, 2025

The cryptocurrency market sees unprecedented growth as Trump administration’s pro-crypto stance drives institutional investment, while celebrity-backed memecoins gain traction despite security concerns.

Exit mobile version