A Popular Crypto Exchange Lost Millions To Hackers
BitMart lost millions of dollars worth of cryptocurrency at the hands of hackers.
This article is more than 2 years old
Popular cryptocurrency platform BitMart has lost approximately $150 million after a large-scale security breach. The Cayman-registered company suspended trading activity after hackers were able to infiltrate their system using a stolen private key. The hacker breached Ethereum and Binance wallets with a flood of transfers on December 4th, followed by an exodus of tokens two hours later that included Shiba and USDC.
BitMart founder Sheldon Xia said the affected smart chain hot wallets only carried a small percentage of the exchange’s assets. This means all their assets are not currently at risk. However, they have still decided to freeze all withdrawals until further notice and are currently reviewing security (via Engadget). He said all of the exchange’s other wallets were secure and unharmed.
The persons responsible for the breach have not been identified, but may have had existing knowledge about BitMarts operations. The stolen currency has been sent to an Ethereum mixing service that could make it difficult to trace the funds. Peckshield (a security firm) was the first to notice the breach over the weekend, noting that one of Bitmart’s addresses displayed a steady outflow of money to an address which Etherscan referred to as the Bitmart Hacker.
In terms of cryptocurrency, hot wallets are connected to the internet – unlike cold wallets. This makes them more convenient to use but also much less secure. In general, a cryptocurrency wallet contains a set of public addresses and private encryption keys. While cryptocurrency can be deposited in a public address, it cannot be removed without the secret private key. So the breach is not a risk exclusive to BitMart.
However, the company is taking the theft very seriously. In a follow-up post on their website, BitMart said they will use their own funding to cover the incident and compensate affected users. They are also talking to multiple project teams to confirm the most reasonable solutions such as token swaps. They also assured clients that no user assets will be harmed.
BitMart is also doing its best to retrieve security set-ups and operations. They just need some time to make proper arrangements. Additionally, the crypto company said they appreciate the kind understanding from their users during this period. In terms of asset deposits and withdrawals, BitMart is confident that these functions will resume gradually on December 7th. The detailed timelines will be announced very soon.
Just last week, BitMart closed a Series B funding round, led by the New York-based private equity firm Alexander Capital Ventures, with a US$300 million valuation. The company says it has more than nine million users worldwide and is ranked among the top 15 crypto exchanges on CoinGecko. BitMart is widely known for being registered and headquartered in the Cayman Islands, but it also has offices in Singapore, New York, Hong Kong, and Seoul.
Although BitMart’s security breach isn’t the biggest digital heist in history, Coindesk states that it is one of the larger centralized exchange hacks to date. It also underscores the growing issue of cryptocurrency theft. This is because the technology makes it all too feasible to steal large sums with few repercussions. Meanwhile, BitMart has resumed ether withdrawals and deposits. The exchange’s CEO Sheldon Xia shared the news in a tweet earlier today.