Skip to content
Active Currencies: 17,339
Market Cap: $2.209T
Bitcoin Dominance: 56.19%
24h Market Cap Change: $0.54

‘Three days to notice?’ – Bitcoin Depot’s $3.6mln hack sparks backlash

A look into why crypto scams are spiking from Bitcoin Depot's recent exploit.

Written by Written by Lennox Gitonga
Reviewed by Reviewed by Renuka Tahelyani
Updated April 9, 2026

Bitcoin Depot is once again in crypto headlines after its recent revelation of undergoing a cyberattack. The company, which has the highest number of Bitcoin ATMs, announced it was anticipating a 40% decline in revenue this year.

The security and regulatory challenges it faces could be responsible for this projected decline. But how did the recent compromise to security happen?

Bitcoin Depot’s report on cyberattack 

As per the 8K report filed with the U.S. Securities and Exchange Commission (SEC), Bitcoin Depot revealed it lost $3.665 million on the 23rd of March. The firm went ahead to appoint a new CEO, Alex Holmes, on the 26th of March.

The report revealed that the cyberattack involved the exploiter compromising credentials to access internal systems and steal 50.903 Bitcoin [BTC]. This incident is one of the factors leading to the projection of loss in revenue for 2026.

Bitcoin Depot
Source: sec.gov/Archives

Worth noting is the lack of urgency and responsibility in these crypto scams. ZachXBT revealed that it took the Bitcoin Depot team three days to notice such a breach of security.

ZachXBT noted,

I traced it out and the suspicious outflows actually occurred on March 20 and the funds were transferred to Kucoin deposit addresses.

The findings contrasted the dates disclosed by Bitcoin Depot, showing the gap between those responsible for the security of funds and threat actors. The contrast explained why crypto scams were spiking, as those involved were neglecting their responsibilities.

Users termed the delay as incompetence, with one saying,

A 3-day delay is too long for such a significant security breach.

A spike in crypto scams 

Again, attackers attempted to steal about $1 billion in crypto from Bybit using the same methods that exploited Mt. Gox. Risk control team detected the tricks and blocked the fake deposit attacks, which is a big win for crypto.

Simultaneously, investigators and law enforcement agencies have intensified their efforts against these hackers. ZachXBT, for example, also disclosed a scheme that took advantage of $1 million every month from cryptocurrency-related fraud.

An internal North Korean payment server was responsible for this scheme, with more than 390 accounts involved. Users were transferring these funds and converting to fiat via Chinese bank accounts through platforms like Payoneer.

The investigator noted that the patterns were consistent with those of DPRK IT workers.

Final Summary

  • Bitcoin Depot lost $3.665 million in BTC via a cyberattack, but it took 3 days to notice the security breach. 
  • There has been a spike in crypto scams, with a North Korean group exposed for exploiting $1 million each month. 
Disclaimer: AMBCrypto's content is meant to be informational in nature and should not be interpreted as investment advice. Trading, buying or selling cryptocurrencies should be considered a high-risk investment and every reader is advised to do their own research before making any decisions.

Lennox Gitonga

Journalist

Lennox Gitonga is a Financial Market and On-Chain Analyst at AMBCrypto with a Bachelor of Commerce in Finance. As a former equities trader, he applies traditional market rigor to crypto, delivering clear technical and on-chain analysis that explains price action, liquidity, and network behavior driving digital asset trends.

Related Articles

AMBCrypto
Facebook X Instagram Youtube Linkedin

AMBCrypto was founded in 2018 with a mission to simplify and bring the latest blockchain and cryptocurrency news to our readers. We have quickly grown into the digital news source for an emerging generation of cryptocurrency enthusiasts, reaching more than a million readers on a monthly basis, across the globe.