- Bitmart recently confirmed that a hacker made away with $200 million in crypto assets following a hot wallet compromise.
- Peckshield first called attention to the hack, noting steady outflows of entire token balances.
- The hacker sent the stolen assets to an Ethereum mixing service, making the funds challenging to track.
Popular cryptocurrency exchange Bitmart has recently suffered a hack, with an estimated $200 million in losses as a result. The hacker made away with over 20 tokens, including Shiba Inu, Binance Coin, SafeMoon and used decentralized exchange 1inch to swap the stolen assets for Ethereum.
Bitmart suffers from security breach
Security analysis firm Peckshield revealed the alleged hack on December 4, noting that there have been steady outflows of entire token balances, worth tens of millions of dollars to an address currently labeled as the “Bitmart Hacker.”
At first, Peckshield approximated the losses to be worth $100 million among various cryptocurrencies on Ethereum and Binance Smart Chain. Bitmart representatives addressed the suspicion on its official Telegram channel, noting that the outflows in assets were only routine withdrawals.
However, after a few hours, the exchange’s CEO Sheldon Xia stated that Bitmart did indeed suffer from a “security breach” from the platform’s Ethereum and Binance Smart Chain hot wallets.
Xia added that the crypto exchange will “conduct a thorough security review” and that withdrawals from the platform will be suspended until further notice. Bitmart is yet to determine which possible methods the hacker used to remove assets from the hot wallet.
Peckshield indicated that the hack was a “straightforward case of transfer-out, swap and wash.”
The hacker has used decentralized exchange aggregator 1inch to swap the stolen funds for Ethereum by sending the assets to an Ethereum mixing service, Tornado Cash, to make it harder for the hacked funds to be tracked.
Bitmart stated that the affected Ethereum and Binance Smart Chain hot wallets only contained a “small percentage” of the exchange’s assets. The firm further confirmed that the other wallets remain “secure and unharmed.”
The hacker made off with a mix of over 20 tokens, including Binance Coin, SafeMoon and Shiba Inu.
Another exploit occurred recently on decentralized finance protocol BadgerDAO, which led to a loss of $50 million on cryptocurrency lending platform Celsius.