- Attackers withdrew funds in ETH, GALA, SHIB, MATIC
- Bitrue has temporarily halted withdrawals
Cybercriminals stole $23 million from a hot wallet belonging to Bitrue, a Singapore-based crypto exchange, Bitrue tweeted earlier today. The exchange did not provide any details about the attack.
Further exploit prevented
The exchange wrote on Twitter:
We have identified a brief exploit in one of our hot wallets on 07:18 (UTC), 14 April 2023. We were able to address this matter quickly and prevented the further exploit of funds. The attackers were able to withdraw assets worth approximately 23 million USD in the following currencies: ETH, QNT, GALA, SHIB, HOT, and MATIC.
Wallet contained less than 5% of all reserves
The exchange assured that the hot wallet affected held less than 5% of overall reserves. No other wallets were compromised.
Bitrue has temporarily halted withdrawals and plans to reopen them on April 18. The exchange promised full compensation to all affected users.
Bitrue’s daily trading volume exceeds $1B
Bitrue is a cryptocurrency exchange platform that allows users to buy, sell, and trade cryptocurrencies like Bitcoin, Ethereum, and other digital assets. It was founded in 2018 and its daily trading volume exceeds $1 billion according to data from CoinGecko, cited by CoinDesk.
Bitcoin and ether, the two biggest coins by market cap, are among the most-traded token pairs.
Third major exploit in a month
Earlier this month, an Ethereum Mainnet validator attacked a major MEV (maximal extractable value) bot, leading to a loss by the network of almost $20 million. Some of the funds have been recovered.
This was not the only other attack in April. DeFi exchange SushiSwap suffered a $3.3 million exploit last weekend. The attackertargeted a weaknessin the ‘RouterProcessor2’ contract, which users deploy to route trades on the exchange.
SushiSwap eventually recovered ether worth $186,000 that had been drained by a hacker from the wallet of a popular trader in Crypto Twitter circles and a Sushi user.