Crypto casino Metawin loses millions in bold wallet hack

Crypto casino Metawin recently lost $4 million in a hack targeting its Ethereum and Solana wallets, drawing attention once again to pressing cybersecurity concerns in the crypto industry.

On Sunday, Metawin CEO Richard Skelhorn revealed the breach on Telegram, explaining that hackers exploited the casino's withdrawal system to drain the funds.

Blockchain investigator ZachXBT later revealed on Telegram that the hackers used 115 Solana and Ethereum wallet addresses to carry out the theft. The hackers also reportedly moved the funds to a HitBTC nested service and KuCoin. 

A nested service is a type of infrastructure within a larger platform that adds layers of anonymity, making it harder to trace funds.

So far, the hackers' identity and motives remain unknown. In response to the breach, Metawin temporarily disabled withdrawals, though they have since been restored. The casino has reported the incident to authorities. 

According to the Block, CEO Skelhorn hinted that he used his personal funds to help cover the losses, sharing on Telegram that he “just emptied [his] piggy bank”, adding that they “don't dwell on it”. 

METAWIN LOSES $4M IN HOT WALLET HACK BUT QUICKLY REBOUNDS

Crypto casino Metawin took a $4M hit after hackers exploited its Ethereum and Solana hot wallets.

The breach targeted a “frictionless withdrawal system,” showcasing the hacker’s technical skill.

CEO Skel Skelhorn… pic.twitter.com/RGeRIY3sd2

— IBC Group Official (@ibcgroupio) November 4, 2024

This case serves as a stark reminder for all of us to prioritize security in the crypto space. In order to do so, there are some key practices that we should follow. 

For one, being careful with passwords and private keys—which is a code that allows crypto access and management—cannot be stressed enough. It is important to have strong passwords in place, to set up two-factor authentication (2FA), and to ensure that private keys are kept securely. 

It is also recommended to use a cold wallet—which is an offline storage device for keeping assets and private keys—rather than a web-based hot wallet. 

Hackers continue to refine their techniques, often posing as support staff to phish for information or creating fake sites and software to trick users. Staying vigilant against these tactics is essential for anyone in the crypto space.