Rain cryptocurrency exchange may have fallen victim to an exploit that resulted in the transfer of around $14.1 million worth of cryptocurrencies to a suspicious wallet, according to a report by on-chain analyst ZachXBT. The exploit occurred on April 29 and involved suspicious outflows from Rain’s Bitcoin, Ethereum, Solana, and XRP wallets. The funds were quickly exchanged for Bitcoin and Ethereum on instant exchanges and then transferred to two addresses on the respective networks. One of the addresses currently holds approximately 1,881 ETH, valued at $5.5 million, while the other holds 137.9 BTC, valued at $8.6 million.
The Ethereum destination address received its funds from an address that received funds from various BitGo multi-signature wallets. Although these wallets have not been explicitly attributed to Rain, they were involved in sending significant amounts of ETH, Shiba Inu, Chainlink, Tether, and USD Coin, which were promptly swapped for ETH on Uniswap. The Uniswap account also received funds from a Binance hot wallet.
Rain is a centralized crypto exchange based in Bahrain that primarily serves customers in Southwest Asia and the Middle East. Since its establishment, Rain has facilitated trading volumes exceeding $1 billion. However, its “pro” version has been intermittently down since May 5.
In addition to the Rain exploit, ZachXBT has made other significant claims. They alleged that the Lazarus Group, a hacking group linked to North Korea, laundered $200 million worth of cryptocurrency into fiat currency over a four-year period. Furthermore, a holder of Bored Ape Yacht Club tokens fell victim to a phishing attack, resulting in the loss of three rare NFTs.
The crypto industry has seen significant losses due to hacks and exploits, with investors losing $2 billion last year and an additional $333 million in the first quarter of this year.
