Singapore-based cryptocurrency exchange company BingX revealed an attack on its hot wallet on September 20. The exchange assured users that it suffered no losses and fully compensated the amounts lost to the attack while admitting to minor asset losses.
The technical team of BingX sensed something wrong when they noticed unusual traffic at 4 AM in Singapore time,” said Vivien Lin, the Chief Product Officer of BingX.
Lin stated on X, “we immediately activated our disaster plan, which included moving assets and suspending withdrawal.”
While the loss is still under calculation, we confirm the following:
— Vivien Lin @ BingX (@Vivien_BingX) September 20, 2024
1) BingX will fully compensate for the loss with our own capital.
2) The total loss is minimal and manageable. This incident will not affect our ongoing business operations. Trading services continue as usual.…
BingX users have been told that most of the site’s assets are kept in cold wallets. And that they were not touched by the hackers. The hot wallet was used to hold a tiny amount that was not compromised for instant transfers.
The strange movement of cash was first noticed by blockchain security startup PeckShield, which estimated that over $13.5 million had been lost. Lookonchain, an additional analytics platform, speculated that the amount would reach $26 million.
Exchange #BingX seems to have been attacked, with more than 360 altcoins (worth more than $26M) being transferred to wallet "0xF7e8" and then swapped for $ETH and $BNB.
— Lookonchain (@lookonchain) September 20, 2024
Including:
4.44M $USDT
1.04M $WUSD
608.7K $USDC
9.38 $BTCB($590K)
86,545 $ZRO($369K)
…… pic.twitter.com/YIVurrY0se
Stolen BingX Funds Moved To DEXs
In spite of these claims, Lin stressed that the hack would not affect BingX’s wider operations. She characterized the damages as “minor” and “manageable.”
Following the hack, BingX temporarily banned withdrawals to perform an emergency assessment and strengthen wallet security. Lin stated that when these security improvements are finished, withdrawals should be allowed to start again in a day or two.
The exchange’s hot wallet included over 360 cryptocurrencies. These included some of the largest coins, including 4.44 million USDT, 1.04 million WUSD, and 9.38 BTCB ($590,000). All of the assets were sent to the address “0xF7e8” and instantly swapped for Binance Coin (BNB) and Ethereum (ETH).
Presently located at “0x1D…AEE,” the stolen monies amount to 5.3K $ETH, 4.1K $BNB, and 1.65M $MATIC. Therefore, the anticipated loss with all the extra transfers is more than $43 million.
Data obtained from Etherscan also establishes that the majority of the stolen funds were swapped for ETH and BNB on various decentralised exchanges such as Uniswap and Kyberswap.
Over 360+ Altcoins Affected as Hackers Drained Multiple Assets
The most recent hacking attempt on BingX was massive. A breach that impacted more than 360 cryptocurrencies enabled the hackers to syphon $13.25 ETH, among other valuable assets.
However, BingX’s assurance to compensate the users for their loss is welcome news to the affected persons. The exchange is enhancing its security measures in an attempt to prevent similar security gaps.
Furthermore, hackers’ activities have been on the rise. On September 11, 2024, the biggest cryptocurrency exchange in Indonesia, Indodax, was the target of a significant cyberattack. It resulted in $22 million in losses.
Also, in an attempt to curb the rampant crypto hacks, stablecoin issuers Tether, Circle, Paxos, and Techteryx have blocked wallets connected to hacks by the Lazarus Group