M2 Exchange Loses $13.7 Million in Hack, Reimburses Users

Share IT

Key Takeaways

  • The attackerโ€™s wallet reportedly received approximately $3.7 million in USDT, 97 million SHIB tokens, and 1,378 ETH.
  • M2 announced that all affected customers had been fully reimbursed.

Leading Abu Dhabi-based crypto exchange M2 suffered a major security breach on October 31, resulting in the loss of $13.7 million in various digital assets, including Bitcoin (BTC), Ethereum (ETH), and Solana (SOL). 

The hack, which took place at approximately 3:16 a.m., saw attackers gain access to M2’s hot wallets, exploiting vulnerabilities to drain funds across several digital assets. Despite the attack, M2 moved quickly to contain the damage, announcing on November 1 that affected customers had been fully reimbursed.

In a statement, M2 confirmed that it โ€œswiftly respondedโ€ to the breach within 16 minutes, restoring operations and bolstering security measures to protect customer assets. Although M2 refrained from revealing the exact nature of the hack, blockchain security firm Cyvers provided additional insights, noting that three wallets on the Bitcoin, Ethereum, and Solana networks were compromised.

M2 has taken steps to fortify its systems but has not disclosed specifics on the “enhanced security” measures implemented following the hack. In its latest security update, the exchange reaffirmed its dedication to โ€œupholding the highest standards of security and complianceโ€ while adding that its committed to safeguarding customer assets as it works alongside authorities to conclude the investigation. 

The attackerโ€™s wallet reportedly received approximately $3.7 million in Tether (USDT), 97 million Shiba Inu (SHIB) tokens, and 1,378 Ethereum (ETH). These assets were rapidly converted into ETH, and an estimated $10 million remains on the Ethereum blockchain.

M2 assured its clients that it had โ€œtaken full responsibility for any potential lossesโ€ and stated that all customer funds had been fully restored, with trading and withdrawal services now running as usual. In its November 1 statement, M2 also confirmed close cooperation with relevant legal and regulatory authorities in Abu Dhabi to thoroughly investigate the incident.

According to Cyvers, centralized finance (CeFi) platforms like M2 have seen a nearly 1,000% rise in security breaches year over year. In contrast, decentralized finance (DeFi) platforms reported a 25% decrease in losses. However, complex smart contracts in DeFi still present substantial risk.

The breach comes amid a surge in global crypto-related hacks. In October, Web3 security firm CertiK released a report revealing that $750 million in crypto assets had been lost to hacks in Q3 2024 alone, pushing the yearโ€™s total losses from crypto hacks to over $2 billionโ€”a 72% increase compared to the previous year.

Founded in November 2022, M2 operates out of Abu Dhabi, co-founded by Phoenix Group CEO Bijan Alizadeh Fard and Stefan Kimmel, a former executive with Kraken MENA and the Commercial Bank of Dubai. 

Share IT
Saniya Raahath
Saniya Raahath

Get Daily Updates

Crypto News, NFTs and Market Updates

Can’t find what you’re looking for? Type below and hit enter!