Canadian crypto exchange Catalyx has stopped accepting withdrawals and halted all trading activities on its platform after a security issue resulted in the loss of an unknown amount of user funds.
Catalyx Hack Likely An Inside Job
Catalyx has temporarily ceased all crypto and fiat currency withdrawals and deposits after suffering a security breach. The company did not disclose the exact amount of losses incurred in its Dec. 28 statement.
However, as the security issue led to the loss of some of Catalyx customers’ crypto assets, the company opened an investigation with suspicion that one of its own employees could have been involved in the incident.
“Management suspects that this security breach, which may involve an employee, has resulted in the loss of a portion of the crypto assets held by the Company on behalf of its clients,” Catalyx said.
Catalyz further revealed it had tapped global financial auditing firm Deloitte LLP to “provide forensic and investigative services” to the exchange as it tries to get to the bottom of the security breach. Catalyx said it will provide its customers with an update after Deloitte concludes its investigation.
Just last week, the Alberta Securities Commission ordered Catalyx to halt all trading of crypto contracts and launched its own probe into the firm.
Crypto Exploits In 2023
Hacks and exploits continued to plague the crypto sector in 2023, with billions of dollars lost as bad actors took advantage of inadequate security protocols.
The great news? This year wasn’t as bad as 2022, which was the worst on record, according to pundits. Blockchain analytics firm TRM Labs notes that the $1.7 billion stolen by crypto criminals in 2023 is less than half the almost $4 billion lost to hacks last year. The reduction coincides with a bear market in which most cryptocurrencies plummeted as much as 80% from their 2021 all-time highs before rebounding in recent months as overall conditions turned more bullish.
The largest hacks on centralized platforms were November’s attacks on Justin Sun’s Poloniex and HTX (formerly Huobi), which netted hackers a combined total of over $200 million.
Mixin Network, a Hong Kong-based decentralized exchange project designed to make cross-chain transfers cheaper and more efficient, was hacked in September for a jaw-dropping $200 million. Hackers targeted the project’s “cloud service provider”, prompting the suspension of withdrawals.
Meanwhile, North Korea’s state-sponsored hacking group Lazarus continued to conduct malicious crypto attacks this year. The notorious hacking organization has pilfered $3 billion in crypto assets over the last six years, as per a report by cybersecurity company Recorded Future.