A hot wallet vulnerability caused by a cyberattack on the Bitrue cryptocurrency exchange allowed attackers to access several crypto assets worth around $23 million.
Hot wallets are a form of cryptocurrency wallet designed to hold quickly accessible, linked to the internet cryptos. However, compared to cold wallets, which are offline and not online, these are more susceptible to hacking and theft.
On April 14, Bitrue announced the breaking news, stating that a “brief exploit” of its hot wallet had forced them to temporarily stop all withdrawals. After performing extra security measures, the company anticipates reopening withdrawals on April 18, 2023.
Bitrue emphasized that by dealing with the issue swiftly, the platform was able to stop future money from being spent. Bitrue said, “We take this problem seriously and are now examining the situation. The impacted hot wallet only represented less than 5% of the total money of the exchange.” The company wrote:
“The rest of our wallets continue to remain secure and have not been compromised. We are conducting a thorough security review and will update you as we make progress.”
Executives from Bitrue committed to providing total compensation to any users harmed by the event who were identified. Ethereum (ETH), Quant (QNT), Gala GALA, Shiba Inu (SHIB), Holo (HOT), and Polygon (MATIC) were among the coins on the attacked hot wallet that were reportedly impacted.
The attacker exchanged 173,000 QNT, 22.55 billion SHIB, 46.4 million GALA, and 310,000 MATIC for about 8,540 ETH before withdrawing to this Ethereum address, according to blockchain security company PeckShield. Currently, the address has $3.2 million in assets, primarily in SHIB and HOT.
According to prior reports, during the past several years, hackers have tended to favor decentralized finance (DeFi) attacks more frequently than more conventional centralized exchanges. Data from Chainalysis shows that in the first three months of 2022, just 3% of all cryptocurrency theft occurred through hacks of crypto exchanges, whereas 97% came from DeFi protocols.
Bitrue, a significant centralized cryptocurrency exchange established in Singapore in 2018, trades an average of roughly $2 billion in cryptocurrencies every day, according to statistics from CoinGecko. The business has previously experienced hacks; in 2019, a hot wallet breach cost the corporation around $5 million in Cardano.