Crypto gambling site Stake has experienced $16 million in withdrawals on Sept. 4 in what security platform Cyvers Alerts is calling “suspicious transactions.” The withdrawing account has been labeled “Stake.com Hacker” by Etherscan, implying that the drained funds may be the result of a stolen private key.

ALERTOur AI-powered system has detected multiple suspicious transactions with @Stake.https://t.co/0ZoMITOyF5 address received about $16M in $ETH $USDC $USDT and $DAIAll the stable coins are converted to $ETH and distributed to different EOAs.FYI: @tayvano_ @zachxbt pic.twitter.com/CSGwRHEiVm

— Cyvers Alerts (@CyversAlerts) September 4, 2023

Blockchain data shows very large withdrawals from Stake.com contracts into the alleged attacker’s account. The first transaction occurred at 12:48 p.m., transferring approximately $3.9 million worth of Tether (USDT) stablecoin from Stake to the attacker’s account. The next two transactions removed 6,001 Ether (ETH), worth approximately $9.8 million at the current price. The attacker continued to remove tokens over the next few minutes, including approximately $1 million USD Coin (USDC), $900,000 worth of Dai (DAI) stablecoin, and 333 Stake Classic (STAKE) ($75.48). Cyvers has estimated the total value of crypto drained at $16 million.

After draining the funds, the alleged attacker distributed them to multiple accounts. At the time of publication, Stake has not made an announcement regarding the suspicious withdrawals.

Stake is a crypto gambling protocol that offers dice games, Blackjack, Lingo, and other casino games, as well as sports betting for basketball, tennis, volleyball and others.

This is not the first time in 2023 that crypto gambling sites may have been targeted by hackers. On July 23, payments provider Alphapo suffered $31 million in suspicious withdrawals. Alphapo was a provider for several crypto gambling sites, including Hypedrop, Bovada, and Ignition.

This is a developing story, and further information will be added as it becomes available.