en
Back to the list

Bitrue Shuts Down Withdrawals Till 18th April After $23M Exploit

source-logo  tokenist.com 14 April 2023 21:58, UTC

Singaporean cryptocurrency exchange Bitrue has lost approximately $23 million after a hacker was able to exploit one of its hot wallets. The platform has announced that it will temporarily suspend all withdrawals until April 18 to conduct security checks and address the problem.

Hacker Drains 5% of Bitrue’s Funds

In a Friday announcement, Bitrue revealed that it had detected a brief exploit in one of their hot wallets at 07:18 UTC. The hack has resulted in losing around $23 million worth of digital assets, including ETH, QNT, GALA, SHIB, HOT, and MATIC. The crypto exchange said in a Tweet:

“The attackers were able to withdraw assets worth approximately 23M USD in ETH, QNT, GALA, SHIB, HOT, and MATIC. The affected hot wallet only holds less than 5% of our overall funds. The rest of our wallets remain secure and have not been compromised.”

Bitrue claimed the affected hot wallet contained less than 5% of the exchange’s funds. “The rest of our wallets continue to remain secure and have not been compromised,” the announcement said, adding that the team will publish a detailed post-mortem after a thorough security review.

The Bitrue team has suspended all withdrawals until April 18. Furthermore, the announcement said that “all identified users who are affected by this incident will be compensated in full.”

3/4: To conduct additional security checks, Bitrue will temporarily suspend all withdrawals and will reopen withdrawals on 18 April 2023. We seek your understanding and patience at this time. All identified users who are affected by this incident will be compensated in full.

— Bitrue (@BitrueOfficial) April 14, 2023

This is not the first time Bitrue has fallen victim to a hack. In 2019, the exchange lost around $4.2 million in user assets after a “hacker exploited a vulnerability in our Risk Control team’s 2nd review process to access the personal funds of about 90 Bitrue users,” the platform said.

Founded in 2018, Bitrue is a centralized cryptocurrency exchange registered in Singapore. The exchange has a 24-hours trading volume of around $2 billion, data from CoinGecko shows, with bitcoin and ether among the most-traded token pairs.

Crypto Hacks Continue to Take Victims

The Bitrue hack comes as crypto and DeFi projects continue to be victims of mass hacks. On Wednesday, crypto exchange GDAC said a hacker had drained nearly $14 million from the South Korean company’s platform, forcing a two-week pause in transactions.

The platform’s CEO Seung-hwan Han said the attacker hacked GDAC’s hot wallet to steal 23% of the company’s custodial assets. “All assets currently held by GDAC are fully covered and preserved,” he said, adding that law enforcement authorities are involved in the investigations.

Likewise, two DeFi protocols have suffered multi-million dollar hacks this week alone. On Thursday, a hacker exploited a vulnerability in a token issued by DeFi protocol Yearn Finance to steal about $11.6 million worth of digital assets, security firm PeckShield said.

On Sunday, DEX platform SushiSwap suffered more than $3.3 million in losses after a hacker exploited its RouteProcess02 contract, a smart contract that aggregates trade liquidity from multiple sources and identifies the most favorable price for swapping coins, crypto security firm Ancilia said in a tweet.

tokenist.com