Popular crypto exchange, BitMart, recently revealed that it had lost millions of dollars in crypto to a massive hack. The attack was first reported by blockchain security and data analytics firm PeckShield. According to PeckShield, BitMart lost close to $200 million to hackers.
BitMart Confirms Hack
BitMart later confirmed that its systems had been breached by hackers. Its CEO released a statement to advise traders that withdrawals on the platform had been suspended. It also assured users of the exchange that it was conducting an extensive security review. The statement said that both its ETH and BSC hot wallets had been breached. However, the statement says that around $150 million was stolen instead of the $200 million reported by PeckShield.
1/3 We have identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot wallets. At this moment we are still concluding the possible methods used. The hackers were able to withdraw assets of the value of approximately USD 150 millions.
— Sheldon Xia (@sheldonbitmart) December 5, 2021
Plans To Compensate Victims
Sheldon Xia, the BitMart CEO said that the exchange plans to use its own funds to compensate victims of the hack. He added that they were, “talking to multiple project teams to confirm the most reasonable solutions such as token swaps. No user assets will be harmed.” The hackers managed to steal around $100 million in crypto assets from the Ethereum blockchain and another $96 million from the Binance Smart Chain.
Initial Denials
When the attack was first reported by PeckShield on Sunday, the exchange came out to strongly deny the claims. Peckshield pointed out that there were outflows of entire token balances, some in the tens of millions from BitMart wallet addresses. At the time BitMart claimed that those were routine outflows from withdrawals.
Details Of The Attack
Later on, the exchange publicly admitted to the hack. It stated that the hack was due to a stolen private key. For now, the exchange has stated that all other assets at the exchange are safe and unharmed.
Hackers used a decentralized exchange called 1inch to swap the stolen tokens into ETH. They then used a secondary address to send the funds to Tornado Cash, a privacy mixer, thus making it hard to track the funds. Operating a mixer is deemed illegal by the US government. In April 2021, the DoJ announced that it had arrested and charged a Swedish-Russian citizen for operating a crypto mixer.
Resumption Of Normal Operation
Xia said that the team was working on retrieving security setups and operations at the exchange. According to him, all deposits and withdrawals will resume on December 7, 2021. Details of this plan will be announced “soon.”
Crypto exchanges remain a favorite target of hackers. One of the most memorable was the Mt. Gox attack. Before it was hacked in 2014, the exchange was handling around 70% of all BTC transactions in the world. Since then, the exchange had been embroiled in a legal tussle with users who lost funds. Another memorable exchange was the dForce exchange, which lost $25 million to hackers. However, the hackers mysteriously returned the funds a few hours later. A more recent hack was the CreamFinance attack, where hackers used a flash loan attack to steal close to $130 million. The attack was first reported by PeckShield.
Summary
Crypto exchanges are one of the most targeted areas of the crypto ecosystem by hackers. To ensure your funds are safe, you should always store them in an offline cold wallet. You should only store a small percent of your funds in the exchange that you need to make trades.
Notice: Information contained herein is not and should not be construed as an offer, solicitation, or recommendation to buy or sell securities. The information has been obtained from sources we believe to be reliable; however, no guarantee is made or implied with respect to its accuracy, timeliness, or completeness. Authors may own the cryptocurrency they discuss. The information and content are subject to change without notice. Visionary Financial and its affiliates do not provide investment, tax, legal, or accounting advice.
This material has been prepared for informational purposes only and is the opinion of the author, and is not intended to provide, and should not be relied on for, investment, tax, legal, accounting advice. You should consult your own investment, tax, legal, and accounting advisors before engaging in any transaction. All content published by Visionary Financial is not an endorsement whatsoever. Visionary Financial was not compensated to submit this article. Please also visit our Privacy policy; disclaimer; and terms and conditions page for further information.