Crypto Exchange BitMart Hacked, Loss Estimated at $196 Million

  • The Bitmart hot wallets have reportedly been hacked, resulting in losses of $196 million.
  • More than 20 Binance Smart Chain (BSC) tokens were affected by this security breach.
  • Transactions were anonymized by using the Ethereum privacy mixer Tornado Cash.

Security company Peckshield reported an alleged security breach that happened Saturday night, affecting two BitMart hot wallets, an ETH and a BSC one. BitMart estimates losing around $150 million and suspended withdrawals until further notice, announcing the intent to conduct a security review of the hot wallets and discover the attack method.

After PeckShield posted the discovery on Twitter, the company initially denied the security breach on its Telegram channel, calling it "fake news." Later on, Bitmart's CEO confirmed the breach.

One of Bitmart’s addresses shows outflows of entire token balances to an address currently labeled "Bitmart Hacker" by Etherscan. Based on its investigation of the attack, Peckshield discovered that the hacker accessed hot wallets and swapped funds for ETH using a DEX aggregator 1inch.

Afterward, the funds were routed through Tornado cash, a privacy mixing Protocol for Ethereum blockchains that uses a smart contract and can accept deposits and enable withdrawals from one address while breaking the connection between the source and destination addresses on the blockchain. Before a transaction reaches its destination, funds from multiple users are combined. As soon as the money is mixed, it's hard to determine where it went, who transacted, and how much crypto was involved.

Other crypto exchanges need to be alerted to large Tornado Cash deposits. In a tweet, Huobi said it is willing to help identify the assets involved in the hack. Zcash developed Tornado Cash through open-source research. As part of last week's MonoX Finance DeFi Protocol Hack, Tornado Cash was used as an anonymizer.

Peckshield Inc. estimated the loss at $196 million, with approximately $100 million lost from the ETH wallet and about $96 million lost from Binance Smart Chain, making this one of the most devastating centralized exchange hacks to date, right next to the Cream Finance $130 million-hack that occurred in late October.

How to Watch The D’Amelio Show Season 2 Online From Anywhere
The D’Amelio family is back for Season 2 of The D’Amelio Show, a reality series that takes you into the world of...
How to Watch This England Online From Anywhere: Stream Sky’s New Boris Johnson Drama
A highly-anticipated drama that chronicles the story of Boris Johnson and his administration as they respond to the COVID-19 pandemic is going...
How to Watch The Real Housewives of Salt Lake City Season 3 Online From Anywhere
The Bravo reality series that was developed as the tenth installment of the Real Housewives franchise is back with a new season,...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari