Market maker Kronos Research offers the hacker $2,6 million as reward
After the attack on November 19, the company was forced to suspend trading activities, which led to the liquidation of positions on partner exchanges
28.11.2023 - 13:05
587
2 min
0
What’s new? The trading firm Kronos Research, which lost $25,65 million in cryptocurrencies in the November 19 attack, offered the hacker a deal. Until November 30, 09:00 UTC, he can return 90% of the stolen funds and keep $2,565 million as a reward, in which case the company will not turn to law enforcement to catch him. The appeal was sent along with the transaction to the attacker’s address.
What else is known? As a result of the hack, the company was forced to suspend trading activity for the first time since 2018, leading to the liquidation of user positions on the crypto exchange WOO, for which Kronos supplied most of the liquidity. The exchange has already credited compensation to the accounts of those affected, using USDT stablecoins from its own proceeds.
The attack on Kronos was one of the five largest in November. According to employees, a leak of API keys led to the loss of cryptocurrencies. Kronos is focused on resuming liquidity supply for trading platforms and individual cryptocurrency projects as soon as possible; it has not published updates on the situation since the hack.
This month, the decentralized exchange KyberSwap was also hacked. As in the case of Kronos, the project’s team offered the hacker a reward of 10% of the stolen funds or 4,7 million. On November 26, he began returning assets to the exchange.
Two centralized exchanges led by Justin Sun were also attacked. In total, Poloniex and HTX lost more than $239 million, according to updated data from analytics platform DeFiLlama. At the same time, the Poloniex hacker ignored the reward offer, after which his data was handed over to the police of the PRC, the Russian Federation, and the United States. Both platforms have already partially restored the deposit and withdrawal functions in major cryptocurrencies, after the full launch, an airdrop will be conducted among customers.
Useful material?
Telegram 
Twitter Incidents
The company is linking the incident to a compromised private key on a service wallet, rather than a smart contract exploit
May 22, 2026
Incidents
Following the incident, the project temporarily halted trading operations and node activity.
May 15, 2026
Incidents
The user spent weeks unsuccessfully trying to guess the password until Claude helped find an old wallet backup file
May 14, 2026
Crypto regulations
Authorities are introducing mandatory registration for companies handling cross-border crypto transactions
May 8, 2026
Incidents
According to Blockaid, the attack may have been carried out by the same hacker behind the 1inch Fusion V1 exploit.
May 7, 2026
Incidents
The attacker gained administrative access and altered contracts to drain user funds
Apr 30, 2026
Cryptocurrency rates
-
Bitcoin
$62 980
BTC
-2.45%
-
Ethereum
$1 727.82
ETH
-4.54%
-
BNB Smart Chain
$579.4
BSC
+1.23%
-
Ripple
$1.14
XRP
-5.69%
-
TRON
$0.160134
TRX
-1.59%
-
Dogecoin
$0.086603
DOGE
-5.15%
-
Zcash
$402.53
ZEC
-34.15%
-
Stellar XLM
$0.196159
XLM
-8.2%
-
Cardano
$0.165276
ADA
-17.38%
-
Polkadot
$3.32
DOT
+5.27%