- Leading crypto casino Stake has been hacked for over $41 million in crypto
- The hacker seems to have compromised the exchange’s hot wallets
- The company has refilled the wallets and reopened services
Crypto gambling giant Stake was yesterday hacked for over $41 million in crypto, with the company’s hot wallet thought to be the source of the leak. The bulk of the funds stolen were denominated in BSC with ETH close behind and some MATIC taken as well. No culprits have been named so far, with the coins moved to other wallets but not yet sent on their their presumed final destination. Stake has since said that all services are up and running with no impact on users.
Hacker Focused on ETH and BSC
Multiple alert sites picked up the huge outflows from Stake yesterday, quickly posting the details on Twitter:
🚨@Stake has experienced multiple suspicious outflows on #Ethereum, #BSC and #Polygon.
ETH: ~$15.7M
Polygon: ~$7.8M
BSC: ~$17.8M
The total funds were ~$41.35M.Stay alert! pic.twitter.com/cKBK3kMeUz
— Beosin Alert (@BeosinAlert) September 4, 2023
Given that Stake hadn’t announced a big win it was presumed that the outflow was the result of a hack.
Stake confirmed the hack three hours later:
Three hours ago, unauthorised tx’s were made from Stake’s ETH/BSC hot wallets.
We are investigating and will get the wallets up as soon as they’re completely re-secured.
User funds are safe.
BTC, LTC, XRP, EOS, TRX + all other wallets remain fully operational.
— Stake.com (@Stake) September 4, 2023
Stake co-founder Ed Craven added that the Stake “keeps a small portion of its crypto reserves in hot wallets at any given moment for these very reasons,” alluding to the company’s ability to refill the hot wallets from its reserves. He later played down the incident as Stake announced that everything was up and running again:
Shoutout to the team for such a quick turn around.
Despite some dramatic headlines, as always @Stake has everything under control 😎
— Eddie (@StakeEddie) September 4, 2023
This hack isn’t the first controversy that Stake has been involved in when it comes to criminal acts. Last year, the company was used in a phishing attack when a scammer claimed to have tricked a Stake customer into handing over $10 million in bitcoin through a fake VIP invitation from the casino:
Biggest Crypto Casino hit with Email Phishing Scam. User Loses 10 million in Bitcoin and the Scammer Brags
by in CryptoCurrency
We can expect to hear more about the Stake hack when a post-mortem is carried out and the flow of funds is traced from their current wallets.