Skip to content

Bitrue Hot Wallet Exploit

The Bitrue cryptocurrency exchange had one of its hot wallets compromised. About $23 million was lost as a result.

Bitrue logo and hacker

The security team at the cryptocurrency exchange Bitrue earlier in April discovered an exploit in one of their hot wallets. As a result of the vulnerability, hackers were able to steal various cryptocurrencies worth $23 million. The exchange suspended the use of funds, and the vulnerability was quickly fixed.

After that, the investigation began.

As part of the investigation, Bitrue halted all withdrawals until April 18. The exchange published a brief update on the attack on April 17, saying that operations on all impacted tokens, with the exception of QNT, MATIC, and HOT, would resume.

With a compromised wallet containing less than 5% of the exchange's funds, hackers were able to steal about $23 million in various cryptocurrencies (ETH, QNT, GALA, SHIB, HOT, and MATIC). Bitrue claims that the exchange's remaining hot wallets are safe.

There is currently no information on how the impressive $23 million was stolen by hackers. Based on similar cases in the past, it might be a phishing attack.

Bitrue, a cryptocurrency exchange with a wide range of trading options, is at the time of writing holding the 30th line of the Coinmarketcap spot exchange chart. The exchange provides both conventional trading methods and a number of earning programs, like staking.

Bittrue's website indicates that the exchange has more than 700 cryptocurrencies available for trading and investing. Founded in 2018, the daily turnover of spot trading on the exchange, according to Coinmarketcap, exceeds one billion dollars.  

This is not the first time a cryptocurrency exchange has had a wallet compromised, amounting to significant losses.

On May 7, 2019, Binance's hot wallet was hacked, which held about 2% of all of the exchange's BTC. Hackers gathered information about Binance users utilizing phishing and other techniques. Then, in a single transaction, the attackers withdrew 7,000 BTC from the exchange.

Users of the Electrum Bitcoin wallet were also affected by a phishing attack. The attack took place in 2019, resulting in 771 BTC in losses. It didn't matter how secure the Electrum wallet was in this case, as hackers used social engineering techniques to trick users into downloading a fake wallet update that was actually a malicious program.

💡
Phishing is one of the oldest and easiest ways for hackers to execute a cyberattack. Using social engineering methods to exploit human weaknesses, attackers aim to persuade victims to click on malicious links, download malicious software, or provide sensitive information, such as login credentials or banking details, under various pretexts. 

Any system's primary point of vulnerability continues to be the human factor, and hackers frequently exploit this weakness. Therefore, dear readers, please remember to secure your devices and avoid clicking on suspicious links.

We continue to Observe.

Comments

Latest