Seychelles-based cryptocurrency exchange, BigONE has suffered a cyber attack that claimed about $27 million. The exchange confirmed the attack on Wednesday through its official page on X.
In the statement, the cryptocurrency exchange said it discovered the breach through real-time monitoring alerts that pointed to irregular asset movement. As revealed, the stolen assets include 120 BTC, 350 ETH, 8.4 million USDT across various chains, 1,800 SOL, 538,000 DOGE, 9.69 billion SHIB, and many others.
After due investigation, BigONE discovered a third-party attack on its hot wallet. Consequently, BigONE stated that it has discovered and addressed the lapses that gave room for the attack to stop more losses.
Cyvers, a blockchain analytics company said the attacker has converted some of the funds to WETH/ETH as they plan for some decentralized exchange movement to conceal the path of the stolen funds.
In its report, Cyvers mentioned some security lapses that facilitated the attack. According to the company, a single-point failure in BigONE hot wallet management, poor code integrity control, and the absence of pre-transaction validation are among many other factors that allowed the attacker to loot the exchange.
BigONE promises to reimburse users’ funds and implement recovery measures
To curtail the effect of the attack, the exchange immediately suspended deposit and withdrawal options on its platform. However, the exchange promised to restore the services after implementing some extra security measures.
The crypto exchange asserted that all private keys are secure and it is now in control of the situation. More so, the platform promised to cover all the assets lost to the breach, ensuring that users’ funds remain intact.
As promised, BigONE has activated its reserves which contain assets like BITC, ETH, USDT, SOL, and XIN to cover users’ funds and stabilize liquidity pools. Also, the exchange said it is working on securing external liquidity to cover for other tokens that are not in its internal security reserve.
Meanwhile, the cryptocurrency exchange has instigated some recovery efforts. The platform is working with leading blockchain security firm, SlowMist to trace the hacker’s wallet addresses and keep tabs on the missing funds.
The attack in BigONE comes shortly after a decentralized finance platform, Arcadia Finance based on the Base network, lost $2.5 million to a breach. Similarly, Nobitex, the largest cryptocurrency exchange in Iran, lost about $90 million to an attack late last month.
Read More: