Rain cryptocurrency exchange was recently affected by a potential exploit on April 29, resulting in the transfer of around $14.1 million worth of cryptocurrencies to a new wallet under suspicious circumstances. On-chain analyst ZachXBT reported the incident, noting that there were suspicious outflows from Rain’s wallets holding Bitcoin, Ethereum, Solana, and XRP. The funds from these wallets were quickly transferred to instant exchanges, converted to Bitcoin and Ethereum, and then sent to two addresses on the respective networks.
The Ethereum address, ending in “6c28,” currently holds approximately 1,881 ETH valued at $5.5 million, while the Bitcoin address, ending in “prp2,” holds 137.9 BTC valued at $8.6 million. Arkham Intelligence data revealed that the Ethereum destination address received its funds from an address ending in “d609,” which received the funds from various Bitgo multi-signature wallets. Although these wallets have not been definitively linked to Rain, they were involved in sending over various cryptocurrencies, which were then promptly swapped for ETH on Uniswap.
Rain, a centralized cryptocurrency exchange based in Bahrain, primarily caters to customers in Southwest Asia and the Middle East. Since its inception, Rain has facilitated trading volumes exceeding $1 billion, according to regional news reports. However, the exchange’s “pro” version has been experiencing intermittent downtime since May 5. In 2023, Rain received approval from Abu Dhabi’s financial regulator to operate as a virtual asset brokerage and custody service provider.
In addition to the Rain exploit, ZachXBT has made significant allegations regarding North Korea’s Lazarus Group laundering $200 million worth of cryptocurrency into fiat currency over a four-year period. The analysis revealed that at least $44 million worth of stolen crypto was laundered through Paxful and Noones using two specific usernames. The stolen funds were converted into Tether stablecoin before being exchanged for cash and withdrawn, with the Lazarus Group historically relying on China-based over-the-counter traders for crypto-to-fiat conversions.
Moreover, ZachXBT reported a case where a holder of Bored Ape Yacht Club tokens fell victim to a phishing attack, resulting in the loss of three rare NFTs. These incidents highlight the ongoing challenges faced by crypto investors, with $2 billion lost to hacks and exploits in the crypto industry last year, and an additional $333 million stolen in the first quarter of this year. As the cryptocurrency market continues to evolve, it is essential for exchanges and investors to remain vigilant and implement robust security measures to protect against such exploits and fraudulent activities.