DWF Labs ‘Likely’ Exploited for $44M in 2022 Hack Linked to North Korea: Report

The alleged breach was reported by blockchain researchers this week, but has not yet been confirmed by DWF Labs.

Cryptocurrency investment firm and market maker DWF Labs may have been compromised by a North Korea-linked hacker group known as AppleJeus in September 2022, according to blockchain security researcher Tanuki42.

Although DWF has not yet officially confirmed it, the alleged theft is estimated at more than $44 million, most of which was in stablecoins USDC and USDT. Tanuki42’s investigation, shared in a detailed thread on X on Tuesday, November 4th, suggests that the breach began on September 22nd, 2022, and caused Ethereum addresses to be depleted of funds over several hours.

Blockchain data attached to the thread shows withdrawals from multiple exchanges to the same address, indicating that the exchange account’s private keys and personal information were likely compromised.

Tanuki42’s post reads, “Despite the funds being drained for many hours (from 12:04:59 AM to 5:59:11 AM), attempts to stop the drain or save funds appear to have been unsuccessful.” “The next day, at 12:59:35 a.m. on September 23, there was one more expensive transaction.”

Tanuki42 added that the stolen funds may have been laundered into Bitcoin via the bridge protocol Ren, and while most of it remained inactive, some may have recently been sent to Bitcoin mixer Mixero. The funds were also mixed in with other AppleJeus-related thefts, including Deribit, Tower Capital, and Radiant, on-chain investigators reported.

Renowned blockchain detective ZachXBT responded to Tanuki42’s thread with the comment, “DWF hiding a $44 million hack? Can’t say I’m surprised.” Meanwhile, Tanuki42 praised ZachXBT for providing an attached visualization of the alleged exploit from blockchain research firm TRM Labs.

Transfer of funds in DWF hacking allegations. Source: Tanuki42, ZachXBT, TRM Labs

If accurate, the alleged DWF Labs hack represents a significant unreported breach, raising questions about market transparency and investor risk. The incident also highlights how even well-known companies remain vulnerable.

The Defiant has reached out to DWF Labs about the potential breach, but had not received a response as of press time.

Most recently, DWF Labs led a $21 million Series B round for modular blockchain platform IOST along with Rollman Management, according to Tracxn data.

Balancer Hack

The alleged breach comes just a day after the high-profile Balancer theft, highlighting the continuing risks to both decentralized finance (DeFi) and centralized companies.

Veteran decentralized exchange (DEX) Balancer v2 has suffered a massive hack, resulting in losses of over $128 million. The loss affected several networks, including Ethereum, Polygon, Base, Arbitrum, Optimism, Sonic, and Berachain.

Circuit founder and CEO Harry Donnelly told The Defiant on Monday that the Balancer breach was a “grave warning” for the DeFi sector. However, other experts noted that hacking remains an inherent risk for investors and institutions participating in the crypto space.
