Hassan Maishera
TL;DR
-
BigONE has lost $27 million in a hot wallet exploit earlier today.
-
The cryptocurrency exchange notified users that the attack path has been identified and contained.
BigONE Loses $27M in a Hot Wallet Exploit
Seychelles-based crypto exchange BigONE announced earlier today that it has lost $27 million in a hack. The company stated that,
"In the early hours of July 16, BigONE detected abnormal movements … Upon investigation, it was confirmed to be the result of a third-party attack targeting our hot wallet."
The cryptocurrency exchange revealed that it lost 120 BTC, 350 ETH, 1,800 SOL, and around 8.54 million USDT across four different networks. BigONE also lost funds in eight different cryptocurrencies, including DOGE, SHIB, and CELR.
In its report, the blockchain security firm SlowMist stated that BigONE’s supply chain had been attacked.
Supply chain attacks usually occur when a hacker enters and modifies software by injecting their malicious code into a system. The code inserts can be employed to deliver a malicious payload or backdoor malware.
The security firm added that,
"The production network was compromised, and the operating logic of account and risk control-related servers was modified, enabling the attacker to withdraw funds. Notably, the private keys were not leaked."
The cryptocurrency exchange added that all private keys to the exchange's wallets are safe and that it has identified the attack path to prevent further losses. BigONE said that it is working with SlowMist to track the hacker and the movement of funds.
BigONE assured users that it will cover all losses incurred from the hack, adding that it has activated its internal security reserves to stabilize its liquidity pools, with deposit and trading services expected to resume in the coming hours.
