Mixin Network Hacked for $200 Million: Deposits and Withdrawals Suspended

On September 24th, SlowMist, a blockchain security firm, reported a massive $200 million hack of the Mixin Network. The hack occurred during the “early morning” of September 23rd, focused on Mixin’s cloud service provider database.

Mixin Network, founded in 2017, proclaims itself to be a “free, lightning-fast, peer-to-peer, cross-chain transactional network for digital assets”.

Shortly after the hack was reported, Mixin released a statement confirming they were hacked for approximately $200 million.

In the wake of this staggering hack, Mixin has temporarily suspended all customer deposits and withdrawals.

Mixin Network gave no indication about when this suspension will be lifted.

Two days after the $200 million hack, Feng Xiaodong, founder of the Mixin Network, appeared on a Twitch livestream to address customer concerns regarding their assets.

Shockingly, the company founder stated Mixin “can only ensure at least half of the assets are secure”, leaving doubt for customers as to the fate of the other half.

According to a claim made by Xiaodong, Bitcoin was the “core asset” stolen during the hack.

During the livestream, Xiaodong also stated that Mixin would only be able to refund users “up to a maximum of 50%” of their stolen assets.

The remainder of the stolen assets will be distributed to affected users as “tokenized liability claims” which Mixin will buy back from customers “with its future profits”.

In a plea to the hacker, Mixin sent a message asking for the hacker to refund the stolen funds.

Mixin has offered the hacker, who has been nicknamed the “Mixin Network Exploiter”, a reward of $20 million in return for refunding the customer assets.

“Most of our platform assets were users’, and we hope you can refund them. You can keep $20M of the assets as a BUG Bunty Reward for the BUG. Contact us via bug@mixin.one for the reward details.”

- Message from Mixin to the Hacker

On the 27th of September, four days after the hack occurred, Mixin released an updated statement on social media.

With the assistance of Google (via their subsidiary Mandiant) and SlowMist, Mixin Network was able to complete their investigation into the hack.

According to the statement, Mixin’s situation “is much more optimistic than expected” and “the losses are not as significant as estimated”.

However, Mixin has not released any specific details about the methods that were used to hack their system. All we know at this point is their cloud service provider was attacked, and this resulted in the hacker gaining access to platform funds.

Many individuals following this story are curious as to why a self-proclaimed “decentralized” network would keep $200 million assets in a hot wallet, and why they would even be utilizing a database when everything should be recorded on the blockchain.

To drive home the point further, even Binance CEO Changpeng Xhao, more commonly referred to as CZ, commented on the Mixin hack by saying that “not everything that claims to be decentralizes is”.

What percentage of crypto projects are truly decentralized?

Do you think the hacker will return the stolen funds for the $20 million reward? Would you?

What are your thoughts on this news? Join the conversation below!