Bitcoin DeFi application ALEX Lab lost more than $4.3 million in various tokens early Wednesday morning after its bridging service was attacked due to an alleged private key compromise.
security researcher Sartik said The attackers may have obtained the private keys that control ALEX's XLink bridge, a service that allows users to transfer tokens between different blockchains. The hackers transferred $300,000 worth of Bitcoin (BTC), $3.3 million worth of stablecoins, and $75,000 worth of Sugar Kingdom (SKO) tokens.
ALEX developers have confirmed the following: hack xpost In the early hours of Europe, they claimed to know the identity of the attackers. The team offered him a 10% reward in return for his 90% of the stolen funds.
“The ALEX Lab Foundation has identified those responsible for recent security breaches and is offering solutions through a bounty program,” the developers said. “Alex guarantees that if he complies, there will be no further pursuit or law enforcement involvement. This benefit is valid until 0800 UTC on May 18th.”
The team said funds associated with the hackers were frozen by major exchanges to prevent further misuse.
Compromising a private key is one of the most common attack vectors used by hackers. Some of the biggest crypto hacksThe Ronin $650 million breach in 2022 and the Harmony $100 million hack in the same year were caused by insufficient private key security.
