$41M in crypto stolen as gambling site, Stake.com, got hacked.
The hack is not just a blow to Stake.com but serves as a cautionary tale for the entire crypto casino sector. Stake.com’s reputation as a secure platform has been severely tarnished, and the incident could potentially deter new users from engaging in crypto gambling. Moreover, the hack could trigger regulatory scrutiny, as authorities may tighten the noose around crypto-based gambling platforms to ensure user security.
Crypto gambling site Stake has experienced $16 million in withdrawals on Sept. 4 in what security platform Cyvers Alerts is calling “suspicious transactions.” The withdrawing account has been labeled “Stake.com Hacker” by Etherscan, implying that the drained funds may be the result of a stolen private key.
Blockchain data shows very large withdrawals from Stake.com contracts into the alleged attacker’s account. The first transaction occurred at 12:48 p.m., transferring approximately $3.9 million worth of Tether (USDT) stablecoin from Stake to the attacker’s account. The next two transactions removed 6,001 Ether (ETH), worth approximately $9.8 million at the current price. The attacker continued to remove tokens over the next few minutes, including approximately $1 million USD Coin (USDC), $900,000 worth of Dai (DAI) stablecoin, and 333 Stake Classic (STAKE) ($75.48). Cyvers has estimated the total value of crypto drained at $16 million.
After draining the funds, the alleged attacker distributed them to multiple accounts. At the time of publication, Stake has not made an announcement regarding the suspicious withdrawals.
Despite the breach, it’s worth noting that Stake.com had implemented a series of security measures aimed at safeguarding user data and funds:
The platform enforced a stringent password policy, requiring users to create complex passwords that are challenging to decipher.
Stake.com had also integrated 2FA, offering an additional layer of security that goes beyond just a username and password.
The platform had a practice of conducting frequent security audits to identify and rectify potential vulnerabilities, aiming to stay one step ahead of cybercriminals
