Singapore-based cryptocurrency exchange BingX has suffered a massive loss of $52 million due to a recent cyber attack, according to the blockchain security firm Cyvers. This significant breach raises critical questions about the security practices utilized by cryptocurrency exchanges worldwide. The attack exploited BingX’s hot wallet across multiple blockchains, resulting in substantial financial losses.
What Were the Attack’s Mechanics?
The cyber attack involved multiple blockchains, including Ethereum, Avalanche, BNB, Optimism, Polygon, Base, and Arbitrum. Cyvers first identified the suspicious transactions linked to BingX, calculating the losses to be over $52 million. Most of the stolen assets are reportedly being liquidated.
How Were the Assets Compromised?
Peckshield, another cybersecurity firm, provided details on the breach, confirming that the attacker took $43 million in crypto assets, which they immediately began to liquidate. BingX’s losses were significant, with $26.68 million coming from Ethereum and BNB Chain. The attacker converted these stolen assets into approximately 4,526 ETH and 7,864.7 BNB. Additionally, hours before the attack, $16.5 million worth of crypto had already been withdrawn from the exchange.
In response to the attack, BingX has implemented several countermeasures to protect user assets:
- Suspension of user withdrawals to review asset management protocols.
- Emphasis on a layered asset management system to enhance security.
- Transition of most user funds to cold wallets, reducing hot wallet reliance.
- Urgent reassessment and strengthening of wallet services.
Vivien Lee, BingX’s product manager, announced these measures on social media, highlighting the steps being taken to improve security. She assured users that the majority of funds are now securely held in cold wallets, while only a minimal amount remains available in hot wallets for withdrawals. This proactive approach aims to mitigate further risks and protect user assets.
Leave a Reply