BitoPro confirms $11.5 million exploit
Taiwan-based cryptocurrency exchange BitoPro confirmed a security breach that resulted in the loss of over $11.5 million in digital assets from its hot wallets on May 8.
The stolen assets were moved across Ethereum (CRYPTO:ETH), Tron (CRYPTO:TRX), Solana (CRYPTO:SOL), and Polygon (CRYPTO:MATIC) wallets before being sent to decentralised exchanges (DEXs) where they were sold, according to onchain investigator ZachXBT.
Blockchain data shows the funds were then routed through the cryptocurrency mixer Tornado Cash (CRYPTO:TORN) or bridged to Bitcoin (CRYPTO:BTC) via THORChain, methods commonly used by hackers to anonymise stolen assets.
Despite the breach, BitoPro did not publicly disclose the incident on social media platforms like X or Telegram for several weeks, as noted by ZachXBT in a June 2 post.
On May 9, the exchange announced a maintenance period, which was resolved the same day; however, some users reported difficulties withdrawing USDT following the event.
Three weeks after the breach, BitoPro acknowledged the exploit in a June 2 Telegram statement, explaining that the attacker exploited an “old hot wallet” during a wallet system upgrade and internal fund reallocation.
The exchange asserted it holds sufficient virtual asset reserves and that user withdrawals remain “completely unaffected.”
BitoPro confirmed that deposits, withdrawals, and trading functions continued to operate normally throughout the incident.
A third-party blockchain security firm has been engaged to trace the stolen funds, and BitoPro plans to share the new hot wallet address for external investigation soon.
Security analysts from Hacken noted that the attack involved multiple failed attempts over six hours, highlighting ongoing vulnerabilities in access control within Web3 systems.
“Access control failures are now one of the most critical threats in Web3,” a Hacken representative said, and mentioned their tool “Extractor” is designed to detect similar exploits in real time.
This incident follows a pattern of high-profile attacks targeting exchanges and decentralised finance (DeFi) protocols, including the recent $220 million exploit of Cetus DEX and a $3 million breach of the Nervos Network (CRYPTO:CKB).
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
XRP to ETH Move Yields 600% Profit Boost
A timely switch from XRP to ETH leads to 600% gains as XRP dips and ETH rises. Here's the full story behind this strategic move.Ethereum Gains While XRP SlidesWhy Timing and Analysis Matter
Unstaked Shatters Expectations With $9M Raised in a Few Weeks! Monero Flashes Overbought Warning & SUI Tests Support
Explore how Unstaked hits $9M in presale while Monero’s chart flashes caution and Sui’s price trend holds firm. Full breakdown inside.Monero (XMR) Technical Overview: Overbought Readings Raise CautionUnstaked Presale Jumps to $9M as its AI Features Go ViralFinal Thoughts!
Vitalik Buterin Admits Bitcoin Holds Key Advantages Over Ethereum in Certain Areas
In a rare moment of open critique, Ethereum co-founder Vitalik Buterin acknowledged that while Ethereum leads in some critical areas, Bitcoin remains ahead in several foundational aspects of blockchain technology.
Truth Social Files Bitcoin ETF Application
Trending news
MoreCrypto prices
More
