An incident occurred in which about 22.5 billion yen of cryptographic assets were stolen by hacking
It turns out that a large-scale hack occurred on BitMart on the cryptocurrency exchange on December 4, 2021, and at least $ 150 million worth of cryptocurrency assets were stolen. External security companies estimate that the total damage amounted to nearly $ 200 million.
BitMart Security Breach Update – BitMart
Hackers take $ 196 million from crypto exchange Bitmart, security firm says
Bitmart hacked for $ 200M following Ethereum, Binance Smart Chain exploit
BitMart founder and CEO Sheldon Xia confirms on Twitter that there was a major security breach related to one of our ETH (Ethereum) and BSC (Binance Smart Chain) hot wallets. Did. Hackers may have withdrawn approximately $ 150 million in assets. '
1/3 We have identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot wallets. At this moment we are still concluding the possible methods used. The hackers were able to withdraw assets of the value of approximately USD 150 millions.— Sheldon Xia (@sheldonbitmart) December 5, 2021
In addition, PeckShield, a blockchain-related security company, has stolen $ 100 million (about 11.2 billion yen) from Ethereum and $ 96 million (about 10.8 billion yen) from Binance Smart Chain, and the total damage amount is about about 10.8 billion yen. We have released an estimate that it has reached $ 200 million. In particular, the damage is widespread, with a total of 20 types of cryptocurrency assets being stolen, including the meme coin BabyDoge coin, from the Binance smart chain.
Total estimated loss: ~ 200M (~ 100M on @ethereum and ~ 96M on @BinanceChain). (Previously we only counted the loss on @ethereum ). And here is the list of affected assets / amount on @BinanceChain pic.twitter.com / cXXApDFtd7— PeckShield Inc. (@peckshield) December 5, 2021
BitMart has not disclosed how this hack was done, but according to Peckshield, a typical technique called 'transfer out swap wash' was used. It converts crypto assets stolen from BitMart into Ether , a currency in Ethereum, via a decentralized crypto asset exchange called 1inch, and breaks the link between the sender's and receiver's addresses to make a transaction. It is a method of sending money to Tornado Cash, a service that anonymizes, making it difficult to track funds.
Pretty straightforward: transfer-out, swap, and wash @sheldonbitmart pic.twitter.com/LyA03sbgCZ— PeckShield Inc. (@peckshield) December 5, 2021
CNBC, the US news media, asked BitMart if the customer's funds were hacked and if the victims would be compensated, but no response was obtained. In addition, CNBC also contacted the email address listed on Mr. Xia's Twitter account, but said that the message 'Access was denied' was returned.
BitMart has announced that it will take steps to suspend withdrawals from BitMart for the foreseeable future.
We have identified a large-scale security breach, and we are now conducting a thorough security review & we'll strive to maintain transparency. All withdrawals are temporarily suspended until further notice.— BitMart.Exchange (@BitMartExchange) December 5, 2021
We appreciate your understanding and patience. Https://t.co/WdipLLOvY9 pic.twitter.com/XFlY4RyWSe
in Web Service, Security, Posted by log1l_ks