Bhushan is a FinTech enthusiast and holds a good flair in understanding financial markets. His interest in economics and finance draw his attention towards the new emerging Blockchain Technology and Cryptocurrency markets. He is continuously in a learning process and keeps himself motivated by sharing his acquired knowledge. In free time he reads thriller fictions novels and sometimes explore his culinary skills.
The hacker exploited the Bitmart hot wallets hosted on Ethereum and Binance Smart Chain. It was a classic case of “transfer-out, swap, and wash”.
Amid the mega bull run in the crypto space in 2021, the hackers’ community has been the most active. Cryptocurrency exchange Bitmart was a victim to one such latest hack attempt over the last weekend.
As per an earlier report from blockchain security and data analytics firm Peckshield, Bitmart lost a staggering $196 million across multiple cryptocurrencies. Hackers reportedly managed to steal these assets from the hot wallets on Ethereum and the Binance Smart Chain (BSC). Of these, $100 million was lost on Ethereum and the rest on BSC.
Total estimated loss: ~200M (~100M on @ethereum and ~96M on @BinanceChain ). (Previously we only counted the loss on @ethereum). And here is the list of affected assets/amounts on @BinanceChain pic.twitter.com/cXXApDFtd7
— PeckShield Inc. (@peckshield) December 5, 2021
Later, crypto exchange Bitmart also accepted the security breach on the platform. In its official blog post, Bitmart noted:
“We have identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot wallets today. At this moment we are still concluding the possible methods used. Hackers were able to withdraw assets of the value of approximately 150 million USD”.
However, Bitmart adds that the affected hot wallets on ETH and BSC constitute only a small percentage of the funds on the exchange. It further assures that all other wallets are secure and unharmed.
Bitmart added that it will be conducting a thorough security review of the events. For the time being, the crypto exchange has also suspended withdrawals on its platform.
The Nature of the Hack on Bitmart Was Straightforward
Last Saturday, blockchain security firm Peckshield noticed the hack for the first time. It noted that one of Bitcoin’s addresses witnessed a steady outflow of tens of millions of dollars. Popular blockchain platform Etherscan refers to this address as Bitmart hacker.
Peckshiled noted that hackers have stolen the funds across 20 different cryptocurrencies. This includes altcoins such as Binance Coin (BNB), Safemoon, BSC-USD and BNBBPay (BPay). The hackers also exploited some of the meme coins including BabyDoge, Floki and Moonshot.
Bitmart, however, said that it is unclear of the possible methods of the hack. But according to Peckshield, whatever happened after the breach was pretty straightforward. It was a classic case of “transfer-out, swap, and wash,” said the security firm.
After moving the funds out of Bitmart, hackers reportedly used the decentralized exchange aggregator ‘1inch’ for exchanging the stolen token against Ether. Later, the hackers deposited these Ether coins into a privacy mixer Tornado Cash thereby making it difficult to trace the funds.