Bitmart crypto exchange lost nearly $ 200 million to a hot wallet compromise hosted on the Ethereum and Binance Smart Chain blockchains.
The $ 200 million Bitmart hack was first exposed by Peckshield, a blockchain security and data analytics company that first identified a transfer of about $ 100 million over the Ethereum blockchain.
Further research by the team revealed a simultaneous hack of 96 million US dollars over the BSC reserves of the crypto exchange:
Estimated total loss: ~ 200 million (~ 100 million at @ethereum and ~ 96 million at @BinanceChain). (Previously we only counted the loss on @ethereum). And here is the list of affected assets / amounts on @BinanceChain pic.twitter.com/cXXApDFtd7
– PeckShield Inc. (@peckshield) December 5, 2021
The hackers made off with a mix of over 20 tokens, including altcoins like Binance Coin (BNB), Safemoon, BSC-USD, and BNBBPay (BPay). The hack also compromised significant amounts of meme coins such as BabyDoge, Floki and Moonshot.
According to Peckshield, the hack was a simple transfer-out, swap, and wash case:
Transfer of stolen tokens to Bitmart. Source: PeckShield
Sheldon Xia, CEO of Bitmart, later confirmed the hack via Twitter as a “large-scale security breach” on ETH and BSC hot wallets:
“We are currently finalizing the possible methods. The hackers were able to withdraw assets worth around 150 million US dollars. “
3/3 We are currently temporarily suspending payments until further notice. We ask for your understanding and patience in this situation. Many Thanks.
– Sheldon Xia (@sheldonbitmart) December 5, 2021
Related: Crypto lending firm Celsius reportedly affected by BadgerDAO exploit
In what appears to be an ongoing threat to the crypto ecosystem, cryptocurrency lending platform Celsius confirmed a $ 50 million loss in exploiting the Decentralized Financial Protocol (DeFi) BadgerDAO.
The first reports of BadgerDAO’s security breach surfaced Thursday, with protocol officially announcing that it received multiple exports of unauthorized withdrawals of user funds on Wednesday.
The Badger team took similar preventive measures as Bitmart, further investigated the problem and paused all smart contracts in the log to avoid further losses.