Bitmart Loses $200 Million in Hack Performed by Unknown Attackers

Bitmart Loses $200 Million in Hack Performed by Unknown Attackers

Bitmart Loses $200 Million in Hack Performed by Unknown Attackers

Bitmart, a cryptocurrency exchange, suffered an attack yesterday that exploited some security vulnerabilities in order to gain access to the funds of the exchange. The attack targeted the hot wallets of the platform, specifically the Ethereum and Binance Smart Chain-based wallets. The hackers managed to take almost $200 million in tokens from the platform.

Bitmart Hot Wallets Exploited

Bitmart has lost more than $200 million in a hack that involved its hot wallets yesterday. The issue was first identified by Peckshield, a blockchain security and auditing company, that raised the alarm about a possible hot wallet vulnerability on social media. The involved wallets were those that held ETH and BSC-based tokens.

Bitmart representatives estimated the losses at $150 million initially, but PeckShield did an investigation of the funds taken, saying losses were around $200 million. The hack took significant amounts of SHIB, SAFEMOON, SAND, and MANA, among others. The event affected the price of some tokens with low liquidity listed on the exchange, due to the liquidation of large amounts of these on decentralized exchanges.

Bitmart acknowledged the situation and at the time stated that the losses due to the attack accounted for a small part of the exchange holdings. An announcement from the company stated:

The affected ETH hot wallet and BSC hot wallet carries a small percentage of assets on BitMart and all of our other wallets are secure and unharmed. We are now conducting a thorough security review and we will post updates as we progress.

Tornado-Washed Funds

The exploiters moved the funds to other platforms quickly, with the intention of mixing the cryptocurrency taken. According to Peckshield, all of the Binance Smart Chain and Ethereum tokens were exchanged for ethereum using 1inch, a decentralized exchange platform, and then were sent to Tornado.cash, an obfuscation protocol that allows users to make transactions less susceptible to tracing.

This is one of the more devastating attacks on a centralized exchange this year, with much of the risk for exploits having moved to decentralized finance (defi) platforms. As a result of this situation, the exchange has suspended withdrawals for all assets until it conducts an investigation and a new security review of the platform and its vulnerabilities.

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow