Canadian cryptocurrency exchange Catalyx has stopped accepting withdrawals and halted all trading activity on its platform after a security issue resulted in an unknown loss of user funds.

Catalyx hack may have been an inside job

Catalyx has temporarily halted all cryptocurrency and fiat withdrawals and deposits following a security breach. The company did not disclose the exact amount of the loss in a statement on Dec. 28.

However, due to the security issue that led to the loss of crypto assets of some Catalyx customers, the company suspected that one of its employees may have been involved in the incident and launched an investigation.

“Management suspects that this security breach, which may have involved an employee, resulted in the loss of a portion of the crypto assets held by the firm on behalf of its clients,” Catalyx said.

Catalyz further revealed that it has hired global financial audit firm Deloitte LLP to “provide forensic and investigative services” to the exchange in an attempt to get to the bottom of the security breach. Catalyx said it will provide an update to clients once Deloitte concludes its investigation.

Just last week, the Alberta Securities Commission ordered Catalyx to cease all cryptocurrency contract trading and launched an investigation into the company.

Cryptocurrency vulnerabilities in 2023

In 2023, hacks and breaches continued to plague the crypto industry, resulting in billions of dollars in losses as bad actors exploited poor security protocols.

The good news? Experts say this year isn’t as bad as 2022, which was the worst year on record. The $1.7 billion stolen by cryptocurrency criminals in 2023 was less than half the nearly $4 billion lost in hacks last year, according to blockchain analytics firm TRM Labs. The drop coincided with a bear market that saw most cryptocurrencies plunge 80% from their 2021 all-time highs, but have rebounded in recent months as overall conditions have become more optimistic.

The largest hack on a centralized platform was the attack on Justin Sun’s Poloniex and HTX (formerly Huobi) in November, which netted hackers a total of more than $200 million.

Mixin Network, a Hong Kong-based decentralized exchange project that aims to make cross-chain transfers cheaper and more efficient, was hacked in September for a whopping $200 million. The hackers targeted the project’s “cloud service provider,” resulting in a suspension of withdrawals.

Meanwhile, North Korea’s state-backed hacker group Lazarus has continued its malicious cryptojacking campaign this year. According to a report by cybersecurity firm Recorded Future, the notorious hacker group has stolen $3 billion in crypto assets over the past six years. #Catalyx  #黑客攻击