BitMart: Crypto-exchange loses $196m to hackers

KEY POINTS

Hackers have taken $196 million from crypto trading platform Bitmart, a security firm said Saturday.
Bitmart confirmed the hack in an official statement Saturday night, calling it “a large-scale security breach” and writing that hackers withdrew about $150 million in assets.
Blockchain security and data analytics firm Peckshield estimates that the loss is closer to $200 million.

Those affected, one storing Ethereum and one Binance Smart Chain tokens, “carry a small percentage of assets on BitMart and all of our other wallets are secure and unharmed”, it said.

Bitmart says that the affected Ethereum and Binance smart chain “hot wallets” carried only a “small percentage” of the exchange’s assets. The statement went on to say that all other wallets were “secure and unharmed.”

People who choose to hold their own cryptocurrency can store it “hot,” “cold,” or some combination of the two. A hot wallet is connected to the internet and allows owners relatively easy access to their coins so that they can access and spend their crypto. The trade-off for convenience is potential exposure to bad actors.

Bitmart confirmed the hack in an official statement Saturday night, calling it “a large-scale security breach” and writing that hackers withdrew about $150 million in assets. However, blockchain security and data analytics firm Peckshield estimates that the loss is closer to $200 million.

Bitmart is suspending customer withdrawals until further notice.

“At this moment we are still concluding the possible methods used,” it said.

“We are now conducting a thorough security review and we will post updates as we progress.”

Peckshield estimated that Bitmart lost around $100 million in various cryptocurrencies on the Ethereum blockchain and another $96 million from coins on the Binance smart chain. The hackers made off with a mix of more than 20 tokens, including Binance coin, Safemoon, and Shiba Inu.

And it would try to “maintain transparency” as it dealt with the aftermath of the attack.

Many investors recommend moving large amounts of crypto-currency not needed for day-to-day trading to “cold” storage, disconnected from the wider internet.

Mt Gox handled most of the world’s Bitcoin transactions – until 850,000 bitcoins went “missing”, shuttering the company.

And since then, attacks have been a constant problem for crypto exchanges and investors.

Major hacks on crypto-currency platforms are so regular it is hard to keep up.

And the latest follows the pattern we are becoming used to – huge amounts of stolen crypto-currency and tiny amounts of detail from the victim.

We do not know:

exactly how much money was stolen
whether it came from customers’ wallets or a central pot owned by Bitmart
whether the company will repay users

Past hacks have seen a multitude of outcomes.

Sometimes users are refunded, sometimes they are partially refunded, sometimes the company goes bust and on one occasion a hacker even returned all the money.

The only certainty is this hack will add further fuel to the fire for people calling for regulation of these increasingly important companies.