BitMart loses $150 million in the second-largest crypto-heist of the year
Catalin Cimpanu December 6, 2021

BitMart loses $150 million in the second-largest crypto-heist of the year

BitMart loses $150 million in the second-largest crypto-heist of the year

  • BitMart said it was hacked over the weekend, losing an estimated $150 million in ETH and BSC.
  • The company said it will cover the losses from its own funds.
  • BitMart CEO Sheldon Xia said the hack happened after a threat actor gained access to some of the company's private keys.

Cryptocurrency exchange BitMart said on Saturday that it was hacked for $150 million in what was the third hack of a cryptocurrency exchange of last week and the second-largest crypto-heist of the year.

The hack took place on Saturday morning, according to a statement released by the company and tweets from its CEO.

“We have identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot wallets,” said BitMart founder and CEO Sheldon Xia on Twitter over the weekend.

Hot wallets are special wallets where exchange portals place a small portion of their funds to provide liquidity for their current stream of transactions.

On Monday, Xia said that the hackers appear to have gained access to the two private keys that the company was using to manage these wallets and approve operations.

How the hackers gained access to these keys remains unknown, but a compromise of an employee account is currently the main suspect.

On Twitter, Xia has also promised to cover the hack’s losses via the company’s funds, meaning users won’t lose any of their personal assets following the incident.

Withdrawals are still frozen on the platform while the BitMart security team is finishing up its investigation, which Xia estimated would finish tomorrow, on December 7.

BitMart is currently ranked #113 on CoinMarketCap’s cryptocurrency exchange ranking, based on volume.

Even if blockchain security firm PeckShield estimated that the total lost assets in the BitMart hack would actually be estimated at $192 million, the company’s hack would rank as the second-largest crypto-heist of the year regardless.

Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.