BitMart cryptocurrency brokerage was hacked on Saturday night, December 4th. Hackers managed to get around US$196 million in tokens from the platform.
The attack targeted the platform’s hot wallets (internet-connected hot storage wallets), specifically the wallets based on the Ethereum and Binance Smart Chain networks.
BitMart suffers hacker attack
The company said in a blog post that it is investigating what happened. The platform “identified a large-scale security breach related to one of its Ethereum and BSC wallets.” The text confirmed that about $150 million in funds were lost due to the hack.
“We are continuing to work on identifying possible methods of attack. The affected ETH and BSC portfolios contained a small percentage of our assets; the rest of the wallets remain secure. We are suspending withdrawals until further notice,” said BitMart founder and CEO Sheldon Sia.
Security company identified attack
The attack on the brokerage was first identified by security and data analysis firm Peckshield, which initially identified a suspicious transfer of nearly $100 million. A further investigation by the security team revealed more than $96 million in theft.
According to the security company, hackers have stolen at least 20 cryptocurrencies, including Binance Coin (BNB), Safemoon, BSC-USD and BPaу. Hackers have also stolen a significant amount of memecoins such as BabуDoge, Floki and Moonshot.
Broker initially denied attack
The broker initially denied information about the hack. On the platform’s Telegram channel, users were assured that their funds were safe, and the news about the security issue was called “false”, then the company confirmed the attack and blocked withdrawals.
Brokerage founder and CEO Sheldon Xia then confirmed that the wallets were hacked on Saturday. According to the message posted on your profile. twitter, the loss was US$ 150 million.
The company said the stolen funds are a “small percentage of its assets” and that all other wallets are “safe and untouched”.
“We are conducting a full security review and will post updates as we progress.”
The brokerage has suspended withdrawals and said it will only release it when the situation is resolved.
This Monday (6), Xia confirmed, on Twitter, that the incident was caused by the theft of a private key from two hot wallets (or “hot wallets”, connected to the internet) from BitMart.
“BitMart will use its own money to cover the incident and compensate affected users,” Xia said.
A BitMart address shows a constant stream of tokens for an address titled “BitMart Hacker” in Etherscan.
Through a detailed analysis of the network, security analysts have identified that hackers are using decentralized brokers like 1inch to sell the stolen funds.
Hackers would then have moved the coins to a decentralized protocol that performs private transactions on Ethereum, Tornado Cash.
Hot wallets were the target
There are recurring reports of attacks targeting hot wallets. Thousands of investors have already lost millions in bitcoins after relying on exchanges.
“Not your keys, not your coins”. Remember that phrase forever, if the key isn’t yours, the coins aren’t either. If you don’t have Bitcoin in your wallet then they are mathematically not yours.
Understand what characterizes a hot wallet and what are the best ways to store your satoshis:
Buy and sell Bitcoin and other cryptocurrencies on Coinext
The complete brokerage to invest safely and conveniently in the most traded cryptocurrencies in the world.
Sign up and see how simple it is, go to: https://coinext.com.br