In a shocking security breach, cryptocurrency exchange BigONE suffered a massive $27 million hack on July 16, just hours after completing a system-wide upgrade.
The incident was initially detected by blockchain security firm SlowMist, which reported that the attack targeted the platform’s hot wallet, sparking widespread concern across the crypto community and the platform’s users.
BigONE Suffers $27 Million Hack
According to SlowMist, the hack was executed through a sophisticated supply chain attack, compromising BigONE’s production network. The exploit was carried out by altering the operating logic of servers responsible for account and risk control. This allowed the attacker to withdraw funds without authorization.
The stolen assets include a variety of cryptocurrencies such as bitcoin (BTC), Ether (ETH), USDT, SHIB, SOL, and DOGE. The hackers quickly converted the stolen assets into other cryptocurrencies, including 120 BTC (worth approximately $14.15 million), 1,272 ETH (worth around $4 million), 23.3 million TRX (worth about $7.01 million), and 2,625 SOL (worth approximately $428,000).
BigONE Responds to Hack
In response, BigONE has temporarily suspended deposits and withdrawals to prevent further losses. The exchange has assured users that it will provide full compensation for the losses using its internal reserves and external liquidity channels.
Moreover, BigONE confirmed via an official statement on X that the attack path has been identified and contained, and all private keys remain secure.
Meanwhile, the incident has raised fresh questions about the security of centralized exchanges, highlighting the need for robust security frameworks and vigilant monitoring. The investigation is ongoing, as SlowMist managed to track down the hacker’s addresses, which are linked to Ethereum, BSC, Solana, Bitcoin, and Tron.
Crypto Exploits on the Rise
This latest incident adds to the growing list of attacks in the crypto market, emphasizing the importance of enhanced security measures. In a recent news report, Arcadia Finance, a liquidity management layer on the Base network, was hacked for $3.5 million. The attacker stole funds, converted them to Ethereum (initially 840 ETH and later an additional 319 ETH), and bridged them from Base to Ethereum. The Arcadia Finance team alerted users, asking them to remove permissions for asset managers, and is investigating the incident.
Recall, Decentralized exchange GMX suffered a $42 million exploit due to a vulnerability in its Arbitrum GLP pool, prompting the team to disable affected features and offer a bounty for fund recovery.
