ZachXBT Investigation Reveals $14.8M Exploit On Crypto Exchange Rain

Bahrain-based crypto exchange Rain is reeling from a significant security breach, according to recent findings by on-chain investigator ZachXBT. 

Details of Exploit

The exploit, which occurred on April 29, 2024, resulted in a staggering loss of approximately $14.8 million. ZachXBT’s investigation revealed suspicious outflows from Rain’s BTC, ETH, SOL, and XRP wallets on the day of the exploit. The funds were swiftly moved to instant exchanges and exchanged for BTC and ETH. The stolen funds were then divided into wallets holding 137.9 BTC and 1,881 ETH, all of which have remained inactive since the exploit.

Post-Exploit Transactions

Further analysis pointed to a specific Ethereum wallet ending in d609, which received multiple transactions from BitGo multisignature wallets. These transactions, totaling 26, involved the transfer of ETH and various tokens, including Shiba Inu, Chainlink, Tether, and USD Coin, which were promptly swapped for ETH on Uniswap.

After the initial breach, Arkham Intelligence observed the d609 wallet accumulating different tokens, such as Aave, Yearn Finance, and MakerDAO, which were then exchanged for ETH. This complex series of transactions highlights the sophisticated methods employed by hackers to obfuscate their activities.

Industry-Wide Impact

As reported on Rain’s website, its “pro” version, an advanced trading platform, has experienced intermittent outages since May 5. In 2023, Rain obtained a license to operate a virtual asset brokerage and custody service in the United Arab Emirates.

The Rain hack adds to the growing trend of crypto-related security breaches. Last year, crypto investors lost a staggering $2 billion to hacks and exploits, with an additional $333 million stolen in the first quarter of this year alone.

Similar Recent Incidents

The hack on Rain follows other recent breaches in the crypto community. On May 6, the Gnus AI community suffered a significant breach through its Discord channel, resulting in a loss of $1.27 million. Attackers gained access to team members’ private messages and minted 100 million fake tokens, causing a crash in the GNUS token price.

Similarly, the Galaxy Fox web3 platform was hacked on May 10 due to a smart contract vulnerability, resulting in the theft of over 108 ETH.

Also on May 10, the Tsuru platform encountered issues with its TSURU Wrapper contract, leading to significant transaction processing problems. This vulnerability allowed users to bypass normal contract operations with custom code, resulting in out-of-gas errors and disrupted transaction flows.

This series of exploits has cast a shadow over the crypto space, which is already being stifled by complicated regulatory practices by the SEC and other regulatory watchdogs.
