On September 25, 2023, Hong Kong-based decentralized finance (DeFi) project Mixin Network fell victim to a massive hack, resulting in the loss of approximately $200 million in cryptocurrency. This incident marks one of the largest hacks targeting a web3 platform to date.
The attack was confirmed by Mixin Network in a public statement posted on social media platform X (formerly known as Twitter). According to the statement, hackers compromised Mixin’s cloud service provider database on September 23, leading to the substantial loss of funds. As a precautionary measure, deposit and withdrawal services on Mixin Network were temporarily suspended until the vulnerabilities could be identified and resolved. However, transfers were not affected during this period.
In response to the breach, Mixin Network has enlisted the help of Google and blockchain security company Slow Mist to assist with the investigation and enhance their security measures.
Founder of Mixin, Feng Xiaodon, addressed the community in a live-streamed update from Hong Kong, providing guidance on how users can navigate the aftermath of the attack. The platform also committed to releasing English summaries of the situation shortly.
As a result of the hack, Mixin experienced a loss of approximately $30 million in total value locked (TVL), a key metric used to gauge the total value of assets locked or staked within the platform. DeFi dashboard DeFi Llama provided insights into the impact of the breach on Mixin’s total value locked and XIN token price.
Mixin protocol and its native XIN token were introduced in 2017 to facilitate cross-chain transactions, allowing users to seamlessly transact assets across different blockchains without concerns about exchange rates or fees. The platform supports over 10,000 decentralized applications (DApps) globally.
The cyber-attack on Mixin Network has sparked criticism from the crypto community, questioning the reliance on a centralized cloud service provider database within a decentralized infrastructure. This incident ranks as the fifth largest crypto hack outside of exchanges, following notable breaches such as Ronin Network, Poly Network, BNB Bridge, and Wormhole over the past two years.
Despite attempts to reach out to Mixin Network for comment, the platform has not responded to inquiries regarding the security breach. The industry continues to monitor developments in the aftermath of this significant hack as security measures are reassessed and strengthened to prevent future vulnerabilities.