An alarming security incident has affected the Singapore-based bitcoin exchange BingX, leading to the loss of nearly $43 million from its hot wallets on Friday due to a hacker attack. Considered one of the largest crypto attacks of the year, this incident raises serious questions regarding the security measures in place at centralized exchanges.
Details of the BingX Hack
Blockchain security firms Peck Shield and De.Fi reported suspicious activity associated with large fund transfers from BingX’s hot wallet. The exchange’s technical team detected unusual access patterns indicative of a potential attack around 4 AM Singapore time.
Hi @BingXOfficial, we have noticed a significant outflow of funds (over $13.6 million) to the following address: https://t.co/BEJAWWoouA
— PeckShield Inc. (@peckshield) September 20, 2024
In response to the breach, BingX initiated emergency protocols, which involved temporarily halting withdrawals for up to 24 hours and transferring assets into cold storage.
Vivien Lin, also the Chief Product Officer of BingX, stated that “most of the funds are safe in cold wallets,” despite reporting “minimal losses.”
Around 4 AM on September 20, Singapore time, our tech team noticed abnormal network access and suspected a hacker incident on BingX’s hot wallet. We promptly enacted our emergency protocols, including the urgent transfer of assets and suspension of withdrawals. There have been minor asset losses,…
— Vivien Lin @ BingX (@Vivien_BingX) September 20, 2024
However, the estimates from analysts regarding the total stolen amount have been inconsistent, leading to questions about the accuracy of BingX’s claims. Further investigations revealed that hackers had indeed stolen over $43 million across various cryptocurrencies like Ethereum (ETH), Binance Coin (BNB), and Tether (USDT), while initial estimates suggested losses of around $26 million.
User Compensation and Response
Following the breach, BingX has vowed to fully compensate affected users from its own reserves. The exchange has prioritized user security and transparency, working on a compensation strategy; Lin noted they anticipate resuming withdrawal services soon after completing essential security assessments.
However, this assurance has not resonated well with the cryptocurrency community, which has expressed skepticism regarding the exchange’s initial messages about the incident. Initially referring to it as “wallet maintenance,” the exchange left users confused and frustrated, feeling misled about the severity of the situation.
Critics have demanded increased transparency from centralized exchanges like BingX to prevent future occurrences of this nature.
The Rising Trend of Exchange Hacks
The incident at BingX reflects a troubling trend where criminals are increasingly targeting centralized exchanges. Just last week, the Indonesian exchange Indodax faced a similar breach, resulting in a loss of $22 million.
India’s largest exchange, WazirX, suffered a loss exceeding $230 million under comparable circumstances the previous year. Many of these attacks have been attributed to the Lazarus Group from North Korea, known for its sophisticated hacking techniques.
Featured image from Pexels, chart from TradingView
Dutch
English
French
German
Greek
Italian
Portuguese
Russian
Spanish