FixedFloat Says User Funds Not Affected By 'External' Exploit Of $26M In Bitcoin, Ether

Decentralized cryptocurrency exchange FixedFloat clarified that user funds were not affected in an "external attack" that led to the exploitation of at least $26 million worth of Bitcoin and Ether. The exchange said only its service has been affected.

"The recent hacking of our system was not carried out by our employees; it was an external attack caused by vulnerabilities in our security structure," the FixedFloat team told International Business Times in a statement Tuesday.

It added that the exchange is primarily focused on resolving its system's weak points and strengthening the exchange's overall security, "which prevented us from making public statements about what happened."

Amid concerns about the possible impact of the hack on user funds, FixedFloat clarified that "financial losses affected only our service, user funds were not affected." It went on to reiterate that "FixedFloat does not perform the functions of a custodial service, that is, it does not store user funds."

The exchange also noted that it has outstanding payment obligations for approximately "30 orders to our users." It can consider compensation "privately for those orders" that it couldn't fulfill due to the current situation, it said. "These payments will be made immediately after we have resumed the service and are satisfied that it is safe. We guarantee the fulfilment of all our obligations to clients," it added.

As reported Monday, news of the exploit first emerged on X (formerly Twitter) on Sunday. On-chain data showed that more than 1,700 Ether worth nearly $5 million and over 400 Bitcoin worth around $21 million were drained from FixedFloat.

The exchange confirmed to IBT that its financial losses from the system attack amounted to "approximately $26 million, including 409 BTC ($21.1 million) and 1,728 ETH ($4.85 million)."

FixedFloat acknowledged that its infrastructure was compromised "due to flaws and insufficient protection," but it cannot yet provide the exact details of the system hack as an investigation is underway. It said a full report will be provided upon completion.

While the crypto exchange did not provide a specific date of its service's restoration, it said its technical specialists and developers are working to restore the service as soon as possible. It is expecting "the resumption of full-fledged operation of the service in the coming days."

As of 8:00 a.m. EST, FixedFloat's website still displays an error notice, saying users can contact the team via chat.

Meanwhile, FixedFloat has also started responding to user concerns on X. The exchange warned earlier Tuesday against sham domains after an X user asked if it has alternative sites, reiterating that its service is still under maintenance. "We have only one domain, all other domains are scammers."