BitMart Hack Results in $150 Million Loss
Table of Contents
- By Steven
- Aug 10, 2022
BitMart, a cryptocurrency trading platform, has been in the news for all the wrong reasons. BitMart suffered a nasty digital security breach that prompted a corrective update. However, the defensive action proved too little too late as the crypto trading site suffered a financial loss of several hundred million dollars.
What Caused the Breach?
The data breach is the result of a stolen private key. The key in question contained two of the company's hot wallets, ultimately leading to a data compromise and ensuing financial loss. The hackers stole a combination of 20 tokens, transferred them out, swapped them, and washed the digital currency.
According to a CNBC report, the digital miscreants responsible for the offensive relied on Tornado Cash and 1inch to exchange the stolen crypto for other types of crypto, making it challenging to track the funds. Tornado Cash is a privacy mixer that prevents money tracing. The aggregator 1inch was used to transfer the stolen digital currency for ether.
How Much Money Was Stolen in the Attack?
The attack caused the loss of more than $150 million of crypto. However, a report from PeckShield stated that BitMart's losses from the attack amounted to just under $200 million. All in all, about half of the losses were in myriad cryptocurrencies stemming from the Ethereum blockchain. The rest of the money stemmed from Binance Smart Chain currencies.
How did BitMart Respond to the Attack?
BitMart responded by pausing customer crypto withdrawals. The company also took steps to bolster the security of the Binance Smart Chain and Ethereum hot wallets. It is interesting to note the company's executives tapped into their internal funds to cover the cost of the attack and offset customer losses.
Why was BitMart Targeted?
It appears as though the blockchain technology that underlies bitcoin and similar cryptocurrencies is relatively secure. However, the same cannot be said of exchanges where people trade, buy, and sell a wide range of cryptocurrencies. Exchanges cannot be trusted in the same manner customers trust traditional banks simply because the crypto industry lacks the same regulations as the banking industry.
Furthermore, crypto exchanges are not FDIC insured. Therefore, assets lost on crypto exchanges are unlikely to spur financial compensation from the company itself, even if it acted negligently.
What Role did Hot Wallets Play in the Breach?
The Binance Smart Chain and Ethereum hot wallets involved in the data breach were compromised, yet they only contained a small percentage of the total assets on the exchange. In the context of crypto, the word "hot" and "cold" refer to a wallet's connection to the web versus the lack of connection, respectively.
Where Does This Hack Rank in the Context of Crypto Attacks?
This attack is significant in the grand scheme of things as it is only outranked by five similar attacks in terms of aggregate value lost. However, as time progresses, the number of crypto hacks and other web-based attacks continues to increase. If you have not taken recent steps to fortify your digital security, do so now before you become the next cybersecurity statistic.