Bitmart exchange hacked. | Bitcointalksearch.org

TheGreatPython

sr. member

Activity: 2660

Merit: 339

Quote from: Issa56 on December 05, 2021, 01:30:40 AM

Peckshield recently disclosed that the Bitmart exchange had been compromised. Bitmart has stated that a hacker who targeted the exchange mixed and stole over 20 tokens which includes BNB, Safemoon, BSC-USD and BPAY from their hot wallet address, resulting in a loss of about $200 million. The hack was caused by a large-scale security compromise on the Ethereum blockchain and the Binance blockchain, according to Bitmart's CEO on Twitter. So we have to be very cautious and stay safe.

A lot of times when people do ask questions on whether they should be storing their cryptocurrencies on exchanges or a cold storage, I believe this is enough reason to let them know that the right place to store their cryptocurrencies is in a cold storage/their own personal offline wallet.

Exchanges or hot wallets can get hacked at anytime, and this has been proven so many times, we have seen a lot of exchanges being hacked over the years, so I believe that this is enough to let people know that they should be very careful when they are storing their crypto currencies, and know where they should store it.

By the way, exchanges should as well try to improve and work hard on securing there websites, and the same thing applies to the developers of the blockchains; they should be making sure that their platforms are secure, so that they don't cause problems for people and companies.

Munir575

member

Activity: 546

Merit: 10

Seriously, I don't think we should be storing our coins on an exchange right now because hackers are after exchanges because they believe they can make a lot of money from exhange, so our funds aren't safe there. If you have a coin, make sure it's in your cold wallet, to which you have the private key. The attack on the Bilaxy exchange a few months ago also affected me because before the exchange was hacked, I had a small amount there that I used to trade and after the exchange was hacked, all trading activities were suspended immediately, and I couldn't sell my coin back to usdt, and if I tried withdrawing the coin directly, the gas fee that they were requesting was far more than the amount of the coin I held, so I am advising everyone, especially the newbies not to store their coin on exchange.

doremonchina

jr. member

Activity: 210

Merit: 1

Digital currency trade BitMart says programmers have taken about $150m worth of tokens from its hot wallets Those impacted one putting away Ethereum and one Binance Smart Chain tokens convey a little level of resources on BitMart and every one of our different wallets are secure and safe it said.
Be that as it may, the primary security organization to see the hack assessed the taken tokens were worth nearer to $200m.
Bitmart is suspending client withdrawals until additional notification.

justdimin

hero member

Activity: 3164

Merit: 675

www.Crypto.Games: Multiple coins, multiple games

Quote from: Issa56 on December 05, 2021, 01:30:40 AM

Peckshield recently disclosed that the Bitmart exchange had been compromised. Bitmart has stated that a hacker who targeted the exchange mixed and stole over 20 tokens which includes BNB, Safemoon, BSC-USD and BPAY from their hot wallet address, resulting in a loss of about $200 million. The hack was caused by a large-scale security compromise on the Ethereum blockchain and the Binance blockchain, according to Bitmart's CEO on Twitter. So we have to be very cautious and stay safe.

I would assume that losing at this point is not really that much of a shock to the crypto world. If you are investing into a third party place, millions of people already said "not your keys, not your money" and people still end up putting their money into those places.

I have a small amount that I would be fine with losing in binance, and rest of them are either in hardware wallet or in non-custodial wallet like metawask. This is why if you are keeping tens of thousands of dollars in a place that is not the elite high level crypto place then I am sorry but you are going to end up with a bad result. It just doesn't make any sense at all to me that you would keep it somewhere like that.

SquirrelJulietGarden

hero member

Activity: 1442

Merit: 775

Quote from: adaseb on December 05, 2021, 09:55:59 PM

So since BNB chain is pretty much centralized by cz. Any word if they will Blacklist those addresses and tokens or are they already sold and converted into ETH.

Exchange can cooperate each other to response quickly to hack and block hacked fund. If big chains know about such hacks, they can automatically block those coins if possible. Because it shows that they are take care of users on their chains. They don't need to have exchange alliance to response to hack.

Quote

This is actually the only one good thing about a centralized token or blockchain, when thefts happen they can freeze the funds. Like when Tether got hacked a few years ago they just blacklisted those funds.

This reminds a risk of using stable coins because they can be frozen, even in your wallet.
PSA: Most Stablecoins Can Be Frozen, Even in Your Own Wallets

adaseb

legendary

Activity: 3808

Merit: 1723

So since BNB chain is pretty much centralized by cz. Any word if they will Blacklist those addresses and tokens or are they already sold and converted into ETH.

This is actually the only one good thing about a centralized token or blockchain, when thefts happen they can freeze the funds. Like when Tether got hacked a few years ago they just blacklisted those funds.

passwordnow

hero member

Activity: 3136

Merit: 591

Leading Crypto Sports Betting & Casino Platform

This is really bad whenever such news as this comes out, I'm a bit concerned about those people that have stocked their cryptos into that hacked exchange.
Well, didn't they know that if it's not their keys, it's not their cryptos? It's been a long time since we've been telling this to many people yet they never learned. How many times they're going to see such hack before they become too conscious with their holdings?
I just noticed that the majority of cryptos that was hacked on this exchange were meme coins.

SquirrelJulietGarden

hero member

Activity: 1442

Merit: 775

Quote from: The Cryptovator on December 05, 2021, 08:02:21 AM

I am a bit confused about their statement. What is the relationship between hacking and Ethereum & Binance chain network security issues? If something went wrong with both networks then why did only hackers target Bitmart exchange? Hackers might attempt to more exchange and steal more.

I don't know why they blamed it on Ethereum and Binance Smart Chain. It is easiest way to say their exchange don't have any bad security. I don't think it is a good way to protect their exchange reputation.

Years ago, Livecoin exchange blamed on Monero for their shady treatments on users and finally they did a scam exit.

Quote

I am not sure if this is an acceptable statement from the exchange. How the fucking exchange secure their wallet and exchange and called the world's most secure exchange. Often we have been seeing exchange hacking where it should be most secure since there are users' funds.

It is a very bad statement from my opinion but let's wait for more statement and solution from Bitmart.

Quote

By the way, we should always avoid storing big funds in a centralized exchange.

Not your keys, not your coins. I agree with you.

jackg

copper member

Activity: 2856

Merit: 3071

https://bit.ly/387FXHi lightning theory

Quote from: Woodie on December 05, 2021, 08:33:21 AM

Could this be an issue of how the smart contract is setup up or who and how the hot wallet is setup itself? As a lasting solution, these guys should try to put lucrative bug bounties to try minimise on such compromises.

This would be the main assumption I'd come to since they only hacked that one exchange. However, it wouldn't be a hack with bsc or eth - it'd be a hack on the exchange and one they're liable for (assuming they were the ones who badly scripted the contract).

Quote from: cheezcarls on December 05, 2021, 06:53:22 AM

This is really bad. Hot wallets are the “hot” target of these hackers nowadays in centralized exchanges and wallets. However, there’s no way for them to get past through the cold wallets unless they know the seed phrases and mnemonic phrases from the owner which is impossible. I haven’t deposited some of the coins and tokens that I have on my wallet yet where they can be traded on Bitmart exchange. Not safe to use centralized exchanges in storing our hard-earned cryptos.

Bad key management while moving cold wallets to hot might also cause issues here, something they should be able to adapt to though (eg sending too much funds to a cold wallet should mean the funds should only be loaded onto an air gapped machine).

Quote from: galambo on December 05, 2021, 01:44:28 AM

I don't know whether its the biggest hack till date or just another normal hack. Clients of Bitmart has nothing to worry about this hack since they will get there money back in any case. This is where exchanges have edge over normal wallets, if your coins are on exchanges then such hacks wont rip you off from your money, your money is safe.

What makes you so certain exchanges can afford to be hacked (unless I read that wrong).

I remember bitfinex losing a third of users' funds a while ago and actually being able to pay them back (eventually - I think it took about 2 years to do). They opened a marketplace for selling the tokens they gave equivelant to a dollar and I remember them trading around 16 cents too.

Woodie

hero member

Activity: 1834

Merit: 879

Rollbit.com ⚔️Crypto Futures

This explains why several exchanges I use such as whitebit suspended deposits and withdraws of tokens on the Ethereum blockchain and the Binance blockchain...guess they could have been doing an audit of their coins.

I also find this case to be quite interesting, why was the compromise specifically on the Ethereum blockchain and the Binance blockchain?? Are we been told that these have weak securities? Could this be an issue of how the smart contract is setup up or who and how the hot wallet is setup itself? As a lasting solution, these guys should try to put lucrative bug bounties to try minimise on such compromises.

The Cryptovator

legendary

Activity: 2394

Merit: 2223

Signature space for rent

I am a bit confused about their statement. What is the relationship between hacking and Ethereum & Binance chain network security issues? If something went wrong with both networks then why did only hackers target Bitmart exchange? Hackers might attempt to more exchange and steal more. I am not sure if this is an acceptable statement from the exchange. How the fucking exchange secure their wallet and exchange and called the world's most secure exchange. Often we have been seeing exchange hacking where it should be most secure since there are users' funds.

By the way, we should always avoid storing big funds in a centralized exchange.

Potato Chips

hero member

Activity: 2786

Merit: 902

yesssir! 🫡

Time to change scripts Cheesy

Quote from: https://www.bitmart.com/en

100% secure for trading and digital asset management

$200M being only a small percentage of their total funds would have been more believable if this wasn't a lesser known exchange... It doesn't help that I'm seeing exaggerated statements in their website such as "The most trusted cryptocurrency trading platform" and the 100% secure (there's no such setup). Even a cent should not to be trusted with them.

cheezcarls

hero member

Activity: 2282

Merit: 659

Looking for gigs

This is really bad. Hot wallets are the “hot” target of these hackers nowadays in centralized exchanges and wallets. However, there’s no way for them to get past through the cold wallets unless they know the seed phrases and mnemonic phrases from the owner which is impossible. I haven’t deposited some of the coins and tokens that I have on my wallet yet where they can be traded on Bitmart exchange. Not safe to use centralized exchanges in storing our hard-earned cryptos.

galambo

sr. member

Activity: 966

Merit: 311

The $196 million in losses makes this one of the most devastating centralized exchange hacks to date. Coindesk
I don't know whether its the biggest hack till date or just another normal hack. Clients of Bitmart has nothing to worry about this hack since they will get there money back in any case. This is where exchanges have edge over normal wallets, if your coins are on exchanges then such hacks wont rip you off from your money, your money is safe.

jackg

copper member

Activity: 2856

Merit: 3071

https://bit.ly/387FXHi lightning theory

If there is an exploitable vulnerability in both chains then I guess we'll find that out when it's fixed/no longer exploitable.
$200m sounds like a lot to have been stole from that exchange too so the funds were probably stored in different ways - seems strange you'd exploit an exchange like that and not a bigger one though.

Most attacks seem really shady in this industry until more information is made available anyway - though there's been a history of sketchy people/exchanges in crypto.

Issa56

hero member

Activity: 1484

Merit: 928

Peckshield recently disclosed that the Bitmart exchange had been compromised. Bitmart has stated that a hacker who targeted the exchange mixed and stole over 20 tokens which includes BNB, Safemoon, BSC-USD and BPAY from their hot wallet address, resulting in a loss of about $200 million. The hack was caused by a large-scale security compromise on the Ethereum blockchain and the Binance blockchain, according to Bitmart's CEO on Twitter. So we have to be very cautious and stay safe.

Quote

The hackers made away with a mix of over 20 tokens that includes altcoins such as BNB, Safemoon, BSC-USD and BPay.
Crypto exchange Bitmart lost nearly $200 million in a hot wallet compromise hosted over the Ethereum (ETH) and Binance Smart Chain (BSC) blockchains.

The $200 million Bitmart hack was first revealed by Peckshield, a blockchain security and data analytics company, who initially identified a transfer of roughly $100 million over the Ethereum blockchain.

Further investigation from the team revealed a concurrent hack of $96 million over the crypto exchange’s BSC reserves:

Total estimated loss: ~200M (~100M on @ethereum and ~96M on @BinanceChain ). (Previously we only counted the loss on @ethereum). And here is the list of affected assets/amounts on @BinanceChain pic.twitter.com/cXXApDFtd7

— PeckShield Inc. (@peckshield) December 5, 2021
The hackers made away with a mix of over 20 tokens that includes altcoins such as Binance Coin (BNB), Safemoon, BSC-USD and BPay. Sizable amounts of meme coins such as BabyDoge, Floki and Moonshot were also compromised in the hack.

According to Peckshield, the hack was a straightforward case of transfer-out, swap, and wash:
Bitmart CEO Sheldon Xia later confirmed the hack over Twitter as a “large-scale security breach” on ETH and BSC hot wallets:

“At this moment we are still concluding the possible methods used. The hackers were able to withdraw assets of the value of approximately USD 150 million.”
3/3 At this moment we are temporarily suspending withdrawals until further notice. We beg for your kind understanding and patience in this situation. Thank you very much.

— Sheldon Xia (@sheldonbitmart) December 5, 2021

Sources link: https://cointelegraph.com/news/bitmart-hacked-for-200m-following-ethereum-binance-smart-chain-exploit?utm_source=Telegram&utm_medium=social

Topic: Bitmart exchange hacked. (Read 155 times)