XLink Partners with Kaamel Technology to Investigate $10M Security Breach


Hassan Shittu

Last updated:

| 1 min read

XLink announced a partnership with cybersecurity firm Kaamel Technology on May 20. The collaboration will thoroughly investigate the ‘root cause’ of a data breach on May 15 that involved nearly $10 million of user funds.

XLink stated that Kaamel Technology would conduct a ‘deep investigation’ and take measures to ‘eliminate vulnerabilities and prevent future misconduct.’

Bitcoin Bridge XLink Partners with Kaamel Technology Following Security Breach

XLink disclosed that it has “accelerated” collaborations with cybersecurity firms to strengthen the platform’s defenses against future breaches.

To enhance its security measures further, XLink is expediting its partnership with Ancilia Inc. to boost “real-time on-chain monitoring infrastructure.”

Ancilia played an important role in the recent incident by alerting XLink to the attack, allowing the bridge provider to take swift actions that prevented additional fund losses.

Additionally, XLink is collaborating with Cobo, its BTC custodian, to expand its setup and expedite migrating its web3 key management to the Cobo MPC infrastructure. XLink emphasized that in addition to its partnerships with Cobo, Ancilia, and Kaamel Technology, it plans to announce further partnerships in the future as part of its efforts to enhance the security of its platform.

XLink Recovers Stolen Assets

XLink’s security breach involved its Ethereum and Binance Smart Chain (BSC) endpoints. The breach saw around $4.3 million lost after the attacker obtained private keys through a phishing scheme. Swift action by a white hat hacker led to the recovery of the stolen assets, however.

The company clarified that the exploit only affected the BSC and Ethereum endpoints, with other endpoints remaining secure. 

Responding to the breach, XLink promptly suspended all operations on the bridge to facilitate a thorough investigation in partnership with security experts and liaisons from Binance. The company urged users who interacted with the compromised contracts to revoke any approved spending limits as a precautionary measure to mitigate further risks.

In a related incident, Bitcoin layer-2 developer Alex Labs, the creator of the XLink bridge, suffered a separate attack on May 15. Due to compromised private keys, the attacker stole approximately $13.7 million in Stacks (STX) tokens.