Crypto Breach: BingX Loses $43M in Attack, Pledges Full Reimbursement to Users
Singapore-based cryptocurrency exchange company BingX fell victim to a devastating cyber attack on September 20, resulting in the loss of $43 million from its hot wallet. Despite the significant breach, the exchange has promised to fully compensate affected users and assured them that the incident will not hinder its ongoing operations.
The attack was detected by BingX’s technical team when they noticed unusual activity at 4 AM in Singapore time. “We immediately activated our disaster plan, which included moving assets and suspending withdrawals,” said Vivien Lin, BingX’s Chief Product Officer.
While the exact extent of the loss is still being calculated, BingX has confirmed that it will cover the entire amount using its own capital. The exchange also emphasized that the overall impact on its business operations is minimal and manageable.
Fortunately, most of BingX’s assets were stored in cold wallets and were not compromised during the attack. The hot wallet, used for instant transfers, contained only a small amount of funds that were targeted by the hackers.
The unauthorized movement of funds was initially detected by blockchain security startup PeckShield, which estimated a loss of $13.5 million. Another analytics platform, Lookonchain, speculated that the amount could potentially reach $26 million.
To contain the breach, BingX temporarily suspended withdrawals and conducted an emergency assessment to bolster its wallet security. Once these security improvements are finalized, user withdrawals should resume within a day or two.
The stolen funds were transferred to various decentralized exchanges, including Uniswap and Kyberswap, where they were swiftly swapped for Binance Coin (BNB) and Ethereum (ETH). As of now, the stolen assets amount to approximately 5.3K ETH, 4.1K BNB, and 1.65M MATIC, resulting in a total loss exceeding $43 million.
Despite the severity of the attack, BingX remains committed to reimbursing affected users and is taking additional measures to prevent similar security breaches in the future. This incident serves as a reminder of the growing threat posed by hackers within the cryptocurrency industry.
Unfortunately, BingX is not the only exchange to fall victim to cyber attacks. Just days prior, Indonesia’s largest cryptocurrency exchange, Indodax, suffered a significant breach resulting in losses of $22 million.
In response to the escalating number of crypto hacks, stablecoin issuers Tether, Circle, Paxos, and Techteryx have taken action to block wallets associated with the infamous Lazarus Group, a notorious hacking organization. These collective efforts aim to mitigate the risks posed by cybercriminals and safeguard users’ digital assets.