BitMart, a cryptocurrency exchange, announced late Saturday that it had been hacked, losing around $150 million in cryptocurrency.
PeckShield first detected an abnormally high number of outbound transfers at 7:30 PM UTC. It discovered that beginning around 4:30 PM EST, a variety of tokens had been transmitted out of BitMart’s hot wallet.
A hot wallet is a tool that enables a cryptocurrency owner to send and receive tokens.
These tokens included significant amounts of meme tokens, such as shiba (SHIB), as well as a half-million-dollar investment in stablecoin USDC.
Most damaging hack to date
Bitmart’s newest centralized exchange breach may be the most severe to date.
Sheldon Xia, the company’s founder and chief executive officer, later acknowledged the issue on Twitter.
“We have discovered a large-scale security breach involving one of our ETH hot wallets and one of our BSC hot wallets,” Xia said.
Xia said that they are currently determining the possible tactics employed in the hack. “The hackers were able to withdraw around USD150 million in assets,” the CEO said.
Tracking the stolen funds is difficult
The hacker has been systematically exchanging stolen assets for the cryptocurrency ether (ETH) and depositing the ETH into privacy mixer Tornado Cash via a secondary address, making the hijacked funds more difficult to track.
Xia continued by stating that the exchange is conducting a “thorough security examination” and suspending all withdrawals until “further notice.”
Bitmart executives first claimed on an official Telegram channel that the outflows were ordinary withdrawals, dismissing reports of the attack as “fake news.”
Xia later verified, however, that the outflows were actually the consequence of a “security compromise.”
Image courtesy of Cointelegraph News/YouTube