BitMart Exchange is saying that it will compensate the victims of the latest security incident on its platform that resulted in the loss of about $200 million worth of users’ assets.
What Happened?
Crypto trading platform BitMart Exchange, on Saturday, December 4, reported that it had identified a massive security breach on two of its hot wallets. The exchange wrote:
“We have identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot wallets on December 4th, 2021. At this moment we are still concluding the possible methods used.”
BitMart said that hackers were able to withdraw assets of the value of approximately $150 million. However, blockchain security and data analytics firm PeckShield, which first reported the breach, estimated that the losses were closer to $200 million.
According to PeckShield, BitMart Exchange lost around $100 million in various cryptocurrencies on the Ethereum blockchain and another $96 million from coins on the Binance Smart Chain (BSC). The exchange suspended the users’ withdrawals until further notice.
After stealing the funds from BitMart’s ETH and BSC hot wallets, the hacker reportedly used the 1inch exchange to swap the stolen tokens for Ether (ETH). These swapped ETHs were then deposited into a privacy mixer platform known as Tornado Cash, which makes the money harder to trace.
In the subsequent update on Monday, December 6th, the breach was the result of stolen private keys. The BitMart team wrote:
“In response to this incident, BitMart has completed initial security checks and identified affected assets. This security breach was mainly caused by a stolen private key that had two of our hot wallets compromised. Other assets with BitMart are safe and unharmed.”
The team further announced that it would compensate the affected users through its own funds. BitMart CEO Sheldon Xia conducted an AMA session at 8 PM EST Dec 6 on the exchange’s Telegram channel to share the details regarding the security breach and compensation arrangement. The team also noted that deposits and withdrawal functions would gradually be resumed on Tuesday, December 7.
BitMart incident follows the BadgerDAO incident that also resulted in the loss of more than $100 million in users’ funds. As Crypto Economy reported, on December 2nd, Bitcoin-based DeFi protocol BadgerDAO was exploited for more than $120 million in various cryptocurrencies, including 2.1k BTC and 151 ETH.
Badger incident followed the exploit of DeFi platform MonoX in which the platform lost $31 million in different cryptocurrencies after the native token, MONO’s prices were artificially boosted.
