December 5, 2021

The hackers made away with a mix of over 20 tokens that includes altcoins such as BNB, Safemoon, BSC-USD and BPay. Sizable amounts of meme coins such as BabyDoge, Floki and Moonshot were also compromised in the hack.

According to Peckshield, the hack was a straightforward case of transfer-out, swap, and wash:

Transfer of stolen Bitmart tokens. Source: PeckShield

Bitmart CEO Sheldon Xia later confirmed the hack over Twitter as a “large-scale security breach” on ETH and BSC hot wallets:

“At this moment we are still concluding the possible methods used. The hackers were able to withdraw assets of the value of approximately USD 150 million.”

3/3 At this moment we are temporarily suspending withdrawals until further notice. We beg for your kind understanding and patience in this situation.

December 5, 2021

The hackers made away with a mix of over 20 tokens that includes altcoins such as Binance Coin (BNB), Safemoon, BSC-USD and BPay. Sizable amounts of meme coins such as BabyDoge, Floki and Moonshot were also compromised in the hack.

According to Peckshield, the hack was a straightforward case of transfer-out, swap, and wash:

Transfer of stolen Bitmart tokens. Source: PeckShield

Bitmart CEO Sheldon Xia later confirmed the hack over Twitter as a “large-scale security breach” on ETH and BSC hot wallets:

“At this moment we are still concluding the possible methods used.

The hackers were able to withdraw assets of the value of approximately USD 150 million.”

3/3 At this moment we are temporarily suspending withdrawals until further notice. We beg for your kind understanding and patience in this situation.

However, hot wallets tend to be susceptible to hacks on account of being connected to the internet.

After moving the funds out of BitMart, the hackers swapped the stolen tokens for Ethereum (ETH) on the 1inch decentralized exchange. Eventually, the ETH was moved into Tornado Cash, a coin mixing platform that makes the stolen assets difficult to trace.

BitMart hack the result of stolen private keys

According to Xia, the BtiMart CEO, the security breach resulted from the theft of private keys to the two hot wallets in question.

“BitMart has completed initial security checks and identified affected assets,” said Xia in a short, but swift update to the hack.

This security breach was mainly caused by a stolen private key that had two of our hot wallets compromised.

Huobi has also shown a willingness to assist.

Thieves steal $196 million in crypto

Hackers made off with a total of $196 million worth of digital assets from BitMart on Dec 4, according to blockchain and data analytics firm Peckshield. Confirming the theft, Xia initially put the extent of the loss at $150 million.

The cyber-criminals plundered two of the exchange’s hot wallets – the Ethereum and Binance Smart Chain wallets – stealing around 20 tokens including binance coin, Saitama, Floki Inu, BabyDoge and, Shiba Inu.

Hot wallets are active digital asset accounts connected to the internet. Exchanges use these wallets to facilitate day-to-day trading activities on their platforms.

Crypto exchange Bitmart lost nearly $200 million in a hot wallet compromise hosted over the Ethereum and Binance Smart Chain blockchains.

The $200 million Bitmart hack was first revealed by Peckshield, a blockchain security and data analytics company that initially identified a transfer of roughly $100 million over the Ethereum blockchain.

Further investigation from the team revealed a concurrent hack of $96 million over the crypto exchange’s BSC reserves:

Total estimated loss: ~200M (~100M on @ethereum and ~96M on @BinanceChain ). (Previously we only counted the loss on @ethereum). And here is the list of affected assets/amounts on @BinanceChainpic.twitter.com/cXXApDFtd7

— PeckShield Inc.

Crypto exchange Bitmart lost nearly $200 million in a hot wallet compromise hosted over the Ethereum (ETH) and Binance Smart Chain (BSC) blockchains.

The $200 million Bitmart hack was first revealed by Peckshield, a blockchain security and data analytics company, who initially identified a transfer of roughly $100 million over the Ethereum blockchain.

Further investigation from the team revealed a concurrent hack of $96 million over the crypto exchange’s BSC reserves:

Total estimated loss: ~200M (~100M on @ethereum and ~96M on @BinanceChain ). (Previously we only counted the loss on @ethereum). And here is the list of affected assets/amounts on @BinanceChain pic.twitter.com/cXXApDFtd7

— PeckShield Inc.

December 5, 2021

The hackers made away with a mix of over 20 tokens that includes altcoins such as Binance Coin (BNB), Safemoon, BSC-USD and BNBBPay (BPay). Sizable amounts of meme coins such as BabyDoge, Floki and Moonshot were also compromised in the hack.

According to Peckshield, the hack was a straightforward case of transfer-out, swap, and wash:

Transfer of stolen tokens on Bitmart. Source: PeckShield

Bitmart CEO Sheldon Xia later confirmed the hack over Twitter as a “large-scale security breach” on ETH and BSC hot wallets:

“At this moment we are still concluding the possible methods used.
The hackers were able to withdraw assets of the value of approximately USD 150 million.”

3/3 At this moment we are temporarily suspending withdrawals until further notice. We beg for your kind understanding and patience in this situation.

Crypto exchange Bitmart lost nearly $200 million in a hot wallet compromise hosted over the Ethereum (ETH) and Binance Smart Chain (BSC) blockchains.

The $200 million Bitmart hack was first revealed by Peckshield, a blockchain security and data analytics company, who initially identified a transfer of roughly $100 million over the Ethereum blockchain.

Further investigation from the team revealed a concurrent hack of $96 million over the crypto exchange’s BSC reserves:

Total estimated loss: ~200M (~100M on @ethereum and ~96M on @BinanceChain ). (Previously we only counted the loss on @ethereum). And here is the list of affected assets/amounts on @BinanceChain pic.twitter.com/cXXApDFtd7

— PeckShield Inc.

Other assets with BitMart are safe and unharmed.

Xia added that “we are now doing our best to retrieve security set-ups and our operation.” He urged calm and pleaded with users for “your kind understanding” as the exchange, which has offices in New York, China, Hong Kong, and Seoul, tries to get its house in order.

Deposits and withdrawals, which had been suspended in the wake of the hack, are expected to begin “gradually” on Dec 7. The exchange will announce a timetable for this at a later time.

The BitMart hack comes hard on the heels of the $120 million theft on BadgerDAO. BitMart is one of the world’s top centralized crypto exchanges by volume, according to data from CoinGecko.

Bitmart chief executive officer Sheldon Xia said on Dec 6 that the exchange will use its own money to refund the $196 million worth of crypto assets lost in an attack over the weekend.

In an update on Twitter, Xia stated that the Cayman Islands-registered cryptocurrency trading platform “will use our own funding to cover the incident and compensate affected users.” He did not specify whether users will be reimbursed in full or in part.

“We are also talking to multiple project teams to confirm the most reasonable solutions such as token swaps. No user assets will be harmed,” Xia added.

Saitama immediately responded, committing to “collaborate to help resolve the problem”.

Similar Posts:

Leave a comment