BitMart crypto exchange hit with $150m hack
Date:
Mon, 06 Dec 2021 15:07:47 +0000
Description:
Private keys from two hot wallets were stolen, BitMart CEO confirms.
FULL STORY ======================================================================
Crypto exchange BitMart has suffered a security breach which saw the
attackers make off with roughly $150 million in different cryptocurrencies, the company's leadership has confirmed.
Taking to Twitter, BitMart CEO Sheldon Xia said a large-scale security breach had been identified, related to two of the companys hot ETH and BSC wallets.
These wallets carried a small percentage of assets on BitMart, while all
other wallets remained secure and unharmed, he added. BitMart attack
A hot wallet is a cryptocurrency wallet thats connected to the internet and can be used to quickly and seamlessly transfer the funds from one account to the other. ETH is the ticker for the Ether cryptocurrency, native to the Ethereum blockchain, while BSC is the ticker for the Binance Coin, native to the Binance Smart Chain - a blockchain built by the Binance exchange. The Binance Smart Chain has many similarities to the Ethereum network, but many differences, as well.
Xia further confirmed that roughly $150 million had been taken, adding that initial reports suggest the private key was stolen for the two affected wallets.
Every cryptocurrency wallet has two keys - a public key, and a private key. A public key is the one that can be easily shared, and which is used for transactions. A private key is used for access to the wallet and should never be shared, or left out in the open.
There is no word how exactly the private keys were stolen, whether or not an endpoint was compromised, or if the attacker managed to phish the information out of an employee.
To mitigate the issue, BitMart will use its funds and compensate all those
who were affected by the breach, Xia explained. We are also talking to multiple project teams to confirm the most reasonable solutions such as token swaps. No user assets will be harmed, he tweeted. Crypto laundering through tumblers
All deposits and withdrawals have been suspended for the time being, with the CEO expecting operations to return to normal during the day.
Whether or not the company manages to retrieve the funds, remains to be seen. According to The Block Crypto , the attackers sent all the funds to an Ethereum mixing service called Tornado Cash.
The mixing service, also known as a cryptocurrency tumbler, is a service that allows users to mix potentially tainted funds (stolen, extorted, or otherwise illegally obtained) with other, clean funds, making it harder for researchers and law enforcement agencies to track down exact coins.
Usually, decentralized blockchains have their ledgers fully transparent, allowing anyone to track any transaction from point A to point B. However, a tumbler pools together funds from multiple sources for large, and often random, periods of time, and then splits them back out to numerous addresses.
The publication further said that different coins were taken, including roughly $500 million in USDC stablecoin (its price is always the same as the price of 1 USD), and large amounts of meme tokens, including Shiba Inu
(SHIB).
An employee is usually the weakest link in every organizations security
chain, experts are warning. Companies are advised to train their employees on the dangers of phishing, to set up state-of-the-art cybersecurity solutions, and to always deploy two-factor authentication, such as security keys . Also make sure to check out our list of the best firewalls right now
======================================================================
Link to news story:
https://www.techradar.com/news/bitmart-crypto-exchange-hit-with-dollar150m-hac k/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)