Crypto casino platform Metawin suffered a significant loss on November 3, with $4 million drained from its Ethereum and Solana hot wallets due to a hack. The breach, first identified by crypto investigator ZachXBT, shows that the stolen assets were sent to KuCoin and another service linked to HitBTC.
Metawin CEO Richard Skelhorn explained that the attacker took advantage of the platform’s “frictionless withdrawal system.” In a message to users on Discord, he shared that withdrawals were paused temporarily to assess the system’s security and address vulnerabilities.
“Withdrawals have now resumed for 95% of users, with the final security checks in place for the remaining accounts,” Skelhorn added.
ZachXBT tracked the stolen assets across more than 115 theft-related addresses, though the identity of the attacker and their motivation remain unclear. Following the incident, Skelhorn announced that Metawin is actively working to replenish wallet balances for users. He described the attack as a “challenge” for both the company and its community but expressed determination to learn from it and enhance security measures.
In an update, Skelhorn mentioned that Metawin would be making “internal adjustments” to guard against future threats, humorously adding, “I just emptied my piggy bank, we don’t dwell on it. We keep building.”
Crypto Hacks in October Exceed $129 Million
This recent attack on Metawin is part of a broader trend of cyber incidents in the decentralized finance (DeFi) world. October saw an alarming number of crypto breaches, with blockchain security firm CertiK reporting $129.6 million lost to various exploits.
CertiK’s data indicated that exit scams alone resulted in $1.2 million in losses, while flash loan attacks led to another $1.5 million. On October 16, Binance-supported Radiant Capital experienced one of the largest heists, with attackers securing over $50 million in various crypto assets after gaining access to three of eleven private keys required for critical upgrades.
Additionally, a phishing attack on October 30 impacted multiple decentralized apps, exploiting the popular Lottie Player animation library used by several tech companies. These incidents highlight the growing challenge of securing DeFi platforms as the space continues to evolve and attract both legitimate users and malicious actors.
