Oh, BigONE, you naughty little crypto exchange! You lost a whopping $27 million in a third-party attack targeting your hot wallet infrastructure. Oopsie!
On July 16, you noticed something fishy when your assets started moving like they were auditioning for Riverdance. Turns out, it was a third-party attack targeting your hot wallet. Yikes!
But don’t worry, your private keys are still secure, and you’ve identified and contained the attack path to prevent further losses. Phew! You even collaborated with SlowMist, a blockchain security firm, to trace the attacker’s wallet addresses and monitor the flow of stolen funds. Good job!
BigONE’s Big Promise: We’ll Cover All Losses!
BigONE, you’re a real hero! You pledged to cover all losses from the breach to keep your users’ assets intact. You’ve activated your internal security reserves, including BTC, ETH, USDt, Solana (SOL), and Mixin (XIN), to replenish affected user funds. You’re the Robin Hood of crypto exchanges!
For other affected tokens, you’re actively securing external liquidity through borrowing mechanisms to restore the platform wallet as soon as possible. You’re like a financial superhero!
In a report shared with CryptoMoon, blockchain security firm Cyvers said the attacker exploited your production network, likely through compromised CI/CD (Continuous Integration and Continuous Deployment) or server management channels, modifying business logic and disabling key risk-control checks. Ouch!
The attack began with malicious binaries deployed to account-operation servers, then the unauthorized draining of 350 ETH ($1.1 million). The attacker quickly expanded withdrawals across Bitcoin, Solana, and Tron, consolidating the stolen assets into a single external address for laundering. Sneaky!
Stolen Funds Converted to WETH
The stolen funds were converted to WETH/ETH and routed through fresh intermediaries, indicating preparations for mixing or decentralized exchange activity. Sounds like a well-planned heist!
Cyvers identified several security gaps contributing to the incident, including a single-point failure in hot-wallet management, insufficient code integrity controls, lack of pre-transaction validation, and limited network segmentation between build and wallet-management servers. Better tighten up those security measures, BigONE!
The BigONE hack comes a day after Arcadia Finance, a decentralized finance (DeFi) platform operating on the Base blockchain, suffered an exploit resulting in the theft of about $3.5 million in cryptocurrency. Talk about bad timing!
The first half of 2025 has seen more than $2.47 billion in losses due to hacks, scams, and exploits, representing a nearly 3% increase over the $2.4 billion stolen in 2024. Yikes! Let’s hope the second half of the year is a bit more secure for everyone.
Read More
- SPX PREDICTION. SPX cryptocurrency
- USD IDR PREDICTION
- When the Treasury Takes on the Cyber Villains: A Tale of Sanctions and Schemes
- You Wonโt Believe How Many Magical Beans Nano Labs Just Bought (With $1 Billion!)
- BTC EUR PREDICTION. BTC cryptocurrency
- JPY KRW PREDICTION
- BNB PREDICTION. BNB cryptocurrency
- SOL AUD PREDICTION. SOL cryptocurrency
- USD JPY PREDICTION
- KCS PREDICTION. KCS cryptocurrency
2025-07-16 11:01