Taiwan-based crypto exchange WOO X has recently experienced a hack resulting in a loss of crypto assets worth $14 million. The exploit involved unauthorized withdrawals affecting nine user accounts.
WOO X $14M Exploit
In a post via X (formerly Twitter), WOO X claimed that the incident was “quickly detected,” leading to an immediate pause on withdrawals. Leveraging the withdrawal suspension, the exchange blocked most transactions before significant funds were moved. It assured users that trading services are still functional.
Reporting its findings, the crypto security firm Cyvers stated that WOO X’s hot wallets across multiple networks, including Bitcoin, Ethereum, BNB Chain, and Arbitrum, were compromised in the exploit. It detailed that $1 million USDT was siphoned to an Ethereum address, swapped into ETH, and later increased to $7.3 million. On the BNB Chain, 5 BTCB were cashed out into BNB and transferred to new addresses.
While announcing the hack, WOO X stated that it has already notified the affected users and pledged to fully reimburse the stolen funds, in line with its protocols for safeguarding against hot wallet vulnerabilities. The platform claims it is collaborating with external security experts and other exchanges to trace and halt the transactions of exploiters.
The platform provided wallet addresses of the suspects across EVM chains and Bitcoin. While investigations continue, WOO X emphasized that user assets outside the nine impacted accounts remain safe and secure. It also states that it will keep the public updated about subsequent developments and findings regarding the hack.
Over $145M Lost to Crypto Hacks in July
The third quarter of 2025, which began twenty-four days ago, has already seen over $145 million lost in more than six exploits. India’s leading exchange, CoinDCX, suffered a $44 million loss. The exchange launched a recovery bounty of up to 25% to identify the responsible parties.
The decentralized perpetual exchange GMX was hit by a $42 million exploit targeting a GLP vulnerability on its V1 platform, deployed on both Arbitrum and Avalanche. GMX offered a 10% white-hat bounty if the funds were returned within 48 hours. Interestingly, the exploiter returned more than 90% of the stolen assets.
Seychelles-based crypto exchange BigONE was also involved in a $27 million exploit involving its hot wallet system. The exchange responded by initiating an investigation with the security firm SlowMist.
