Stake.com Hacked for $41M in Cryptocurrency

Article ByDavid Weir

September 5, 2023

Spread the Word:

Posted in: US Gambling Crime News, US Casino News

Stake.com, the offshore cryptocurrency casino, has reportedly fallen victim to a massive security breach.

The attack led to the loss of $41.3 million in digital assets, including ethereum and USDT.

The operator confirmed the hack yesterday, writing on social media.

“Three hours ago, unauthorized tx’s were made from Stake’s ETH/BSC hot wallets,” Stake said.

“We are investigating and will get the wallets up as soon as they’re completely resecured. User funds are safe.”

This is not the first cryptocurrency casino-related hack this year. Back in July, crypto payment platform Alphapo, which served offshore casinos like Bovada and Ignition, lost $31 million to hackers.

The Exploit Unveiled

Initial reports suggest that a potential key-leak might be the cause behind this massive security lapse.

The exploit first came to light when on-chain analysts detected suspicious transactions related to Stake.com. Specifically, an ethereum-native transfer of approximately $16 million, comprising assets like ETH, USDC, USDT, and DAI, was made from Stake.com’s ethereum address to a separate wallet.

This wallet then converted these assets into ETH. Further investigations revealed that an additional $25.6 million in cryptocurrency was drained from the platform, involving networks like Polygon and BNB Chain.

Stake.com’s Response and Current Status

In the wake of the exploit, Stake.com promptly suspended all deposits and withdrawals. However, in a recent development, the platform resumed its operations, assuring its users of the safety of their funds.

Despite these assurances, the exact cause of the exploit and the total amount stolen remain shrouded in mystery. Efforts are currently underway to resecure the affected wallets. Stake.com has been actively communicating with its user base, providing updates and ensuring them that other wallets, including those for bitcoin (BTC), Litecoin (LTC), and Ripple (XRP), remain unaffected.

In previous big-time crypto hacks reported this year, some cyber sleuths have been able to use the blockchain to work out the culprits and get some money back.

Firms can use AI and other data crawling techniques to link various blockchain addresses and transactions together in a causal chain that could lead back to the perpetrators.

However, the use of VPNs and newer privacy-centric cryptos like the fast-growing Monero can complicate things further.

Earlier this year, cyber security firm CloudFlare said that cryptocurrency platforms and online gambling operators are the most likely to be targeted by hackers globally.

The Largest Cryptocurrency Casino

Founded in 2017 and headquartered in Curacao, Stake.com has established itself as the largest cryptocurrency sports betting and casino platform. In 2022 alone, the operator reported a revenue of around $2.6 billion.

Stake.com has also garnered significant marketing support from world-famous Canadian rapper and sports bettor Drake, who regularly places several hundred thousand dollar bets on the site while livestreaming.

Stake also has a live-streaming site called Kick, and sponsors English Premier League soccer team Everton FC.

Market leading live-streaming service Twitch banned gambling on Stake.com from being streamed on its platform, leading Stake to start its own competitor in the streaming game.