Image: © Oleksii/Stock.adobe.com
Hackers attacked Ethereum and Binance wallets on Bitmart to withdraw assets worth tens of millions of dollars.
A major hack on one of the world’s largest cryptocurrency trading platforms by volume, Bitmart, has seen an estimated $196m worth of assets being stolen by unidentified hackers.
Bitmart said in a statement that a large-scale hack had affected Ethereum and Binance hot wallets starting Saturday (4 December). It said hackers were able to withdraw assets to the value of approximately $150m.
But PeckShield, a blockchain security and data analytics company, estimated the hack to be closer to $200m.
All withdrawals on the Bitmart platform have been suspended “until further notice” and the company said it is investigating the hack. Bitmart said the affected wallets “only carry a small percentage” of total assets on its platform and that other wallets are secure.
PeckShield took to Twitter to post details of the hack and its own estimation of the losses, saying Bitmart lost the equivalent of around $100m on Ethereum and around $96m on Binance.
Hot wallets, as opposed to cold or combination wallets, are connected to the internet to make it easier for customers to access their crypto assets. The ease of access, however, comes with the risk of hacks such as the one that has just befallen Bitmart.
Bitmart is a global crypto assets trading company headquartered in the Cayman Islands and headed by founder and CEO Sheldon Xia, based in the US. It was founded in 2017 and has more than 9m users, offering customers real-time trading services for bitcoin, Ethereum and more.
Institutional investors in Bitmart include New York-based private equity firm Alexander Capital Ventures and Shanghai-based blockchain-focused VC firm Fenbushi Capital. Alexander has previously invested in industry disruptors such as Airbnb, Spotify and Uber.
Xia said in an update on Twitter today (6 December) that the breach was “mainly caused by a stolen private key that had two of our hot wallets compromised”.
He added that other assets were “safe and unharmed”, that the company will compensate affected users, and that deposit and withdrawal functions on the platform are expected to gradually begin again tomorrow.
In August, a major hack on decentralised finance platform Poly Network saw more than $600m in crypto stolen by exploiting a vulnerability in its system – making it one of the largest cryptocurrency thefts in history.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
