Over $300M Stolen as Two Hacks Rattle the Markets
Crypto News

Over $300M Stolen as Two Hacks Rattle the Markets

A "stolen private key" meant up to $196 million was taken from BitMart, while BadgerDAO is trying to reason with an attacker who swiped thousands of Bitcoin from the popular DeFi protocol.

Over $300M Stolen as Two Hacks Rattle the Markets

Table of Contents

While a bloodbath was happening in the crypto markets, it seems that hackers were out in force.

BitMart has confirmed that it has fallen victim to a "large-scale security breach" — revealing that cybercriminals stole $150 million.

An Ether hot wallet and a Binance Coin hot wallet were targeted in the attack, and withdrawals have been suspended until further notice. 

"Begging" for understanding and patience, the trading platform added in a statement:

"The affected ETH hot wallet and BSC hot wallet carry a small percentage of assets on BitMart and all of our other wallets are secure and unharmed. We are now conducting a thorough security review and we will post updates as we progress."

News of this vulnerability was first reported by PeckShield — and according to the security firm, the true scale of the losses might be closer to $196 million.

To confuse matters further, PeckShield shared screenshots from a Telegram group that suggest BitMart initially denied any hack had taken place.

As users asked for answers about what had happened, admins deleted messages because they were "creating unnecessary attention" — and dismissed talk of a hack as "fake news." 

Such hacks have the potential to greatly diminish confidence in the crypto sector — and lead to criticism of the use of hot wallets, a term used to describe storage that's connected to the internet.

In the early hours of Monday morning, BitMart's founder and CEO Sheldon Xia revealed that the hack had been caused by a "stolen private key," adding:

"BitMart will use our own funding to cover the incident and compensate affected users."

Deposits and withdrawals are expected to recommence "gradually" from tomorrow.

Listen to the CoinMarketRecap podcast on Apple PodcastsSpotify and Google Podcasts

BadgerDAO in the Limelight

Last week, more than $120 million was also stolen from BadgerDAO — a popular protocol in the world of decentralized finance.
Estimates suggest that 2,100 BTC and 151 ETH was swiped — and the market crash over the weekend means this crypto stash is now worth about $100 million.

Badger says a "24/7" investigation is taking place to get to the bottom of what happened — with deposits and withdrawals suspended. Work is currently underway to ensure that the protocol's smart contracts "can be safely reactivated without further risk to funds."

The protocol appears to be hopeful that a white hat hacker will have been behind the theft — someone who exposes vulnerabilities but has no interest in holding on to the funds. In an on-chain message to the person responsible, Badger wrote: 

"You have taken funds that do not belong to you but we are willing to work with you and compensate you for identifying this vulnerability in the systems. We are providing you with a direct line of communication to discuss a peaceful resolution without involving any outside parties. Contact us to discuss further and do the right thing on behalf of the community."

Badger has enlisted the blockchain analytics firm Chainalysis to perform a forensic investigation — and has also gotten in touch with law enforcement agencies in the U.S. and Canada.

One of those caught up in the hack is the crypto lender Celsius Network — but the platform's CEO, Alex Mashinsky, has stressed that none of its members have lost funds as a result.

It comes just weeks after Celsius raised $750 million in a Series B funding round — taking its valuation to a cool $3.5 billion.
9 people liked this article