Bitcoin exchange BitMart loses $196m in crypto ‘bank heist’ hack

‘This is a modern version of a bank heist,’ one security expert says

Anthony Cuthbertson
Monday 06 December 2021 07:09 EST
Comments
The Bitmart cryptocurrency exchange reported a major security breach on 4 December, 2021
The Bitmart cryptocurrency exchange reported a major security breach on 4 December, 2021 (Getty Images)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Hackers have stolen nearly $200 million worth of cryptocurrency after breaching the popular crypto trading platform BitMart.

The Cayman Islands-based exchange confirmed that a “large-scale security breach” took place over the weekend, resulting in the loss of customer funds. CEO Sheldon Xia said the company would compensate all affected users.

Follow our live coverage of the crypto market right here

The estimated losses amount to $100m in cryptocurrencies on the Ethereum blockchain and a further $96m of cryptocurrencies on the Binance Smart Chain. No bitcoin appears to have been lost.

BitMart initially claimed that “there was no hack” and that the outflows were normal withdrawals, claiming on its official Telegram channel that reports of a hack were “fake news”.

Mr Xia subsequently confirmed that a breach had been identified, resulting from a stolen private key that gave access to two of the exchange’s digital wallets.

“BitMart will use our own funding to cover the incident and compensate affected users,” he said. “No user assets will be harmed.”

Deposit and withdrawal functions on the exchange have been temporarily suspended, however they are expected to resume on Tuesday.

“It’s no surprise that attackers are targeting cryptocurrency exchanges, in many ways they are the new banks, which makes this a modern version of a bank heist with arguably less risk and less effort,” Steve Forbes, a cyber security expert at web registry Nominet, told The Independent.

“As the threat of a ransomware attack continues to grow for all industries, cryptocurrency exchanges will be no exception.”

Jake Moore, a cyber security specialist at ESET, noted that the use of a decentralised exchange (DEX) aggregator to swap the stolen assets for the cryptocurrency Ethereum (ETH), while simultaneously using a privacy mixer to deposit the ETH, meant they would be extremely difficult to track.

“The technology holding up cryptocurrencies makes it far too easy to steal large sums of money, with often little or no trace as to where the money has gone or who has stolen it,” Mr Moore said.

“Sending funds to an Ethereum mixing service is increasingly common for those wanting to evade being followed by the authorities, so better initial prevention for those with digital funds is vital to help mitigate this growing trend.”

Additional layers of security, such as two-factor authentication, are recommended for users of cryptocurrency exchanges and custodial services, as well as extra caution when dealing with suspicious emails that may be phishing attempts to garner login credentials.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in