Bitmart loses ~$200M following ‘large-scale security breach’
As the crypto-market lost momentum and people across the board panicked again, a group of hackers conflated users’ concerns by targeting Bitmart, a cryptocurrency exchange. Earlier on Sunday, Bitmart Founder and CEO Sheldon Xia confirmed the hack, noting,
“We have identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot wallets. At this moment we are still concluding the possible methods used. The hackers were able to withdraw assets of the value of approximately USD 150 millions.”
On the contrary, security researchers PeckShield estimated a total loss of $200 million in various assets. As per the researchers,
“Total estimated loss: ~200M (~100M on @ethereum and ~96M on @BinanceChain). (Previously we only counted the loss on @ethereum). And here is the list of affected assets/amounts on @BinanceChain”
The hackers attacked over 20 tokens like Binance Coin [BNB], Safemoon, and BPay, etc. but meme-coins also were a favorite and included BabyDoge, Floki, and Moonshot.
According to Xia, the exchange is now conducting a security review. Given the protocols, withdrawals have been suspended until further notice.
Peckshield had called attention to the hack on Saturday and estimated the sum lost to be close to $100 million over the Ethereum blockchain. However, as it delved deeper, the researchers noted that the exchange’s BSC reserves were also being drained, which was close to $96 million.
Peckshield observed that it was a straightforward play for the hackers, one wherein they “transfer-out, swap, and wash.”
The CEO followed up with an update noting,
“At this moment we are temporarily suspending withdrawals until further notice. We beg for your kind understanding and patience in this situation. Thank you very much.”
Well, seems like the merry season of hacks is upon us once again. Especially since this followed the attack on lending platform Celsius.
On 2 December, its decentralized finance [DeFi] protocol BadgerDAO was exploited, leading to a loss of $50 million. The team is now investigating the issue and has halted all smart contracts on the protocol.