Crypto platform Bitrue has $23 million stolen in cyberattack

Singapore-based cryptocurrency trading platform Bitrue said Friday that $23 million was stolen from one of its own digital wallets.

In a statement, the company said the attacker was able to withdraw the $23 million in several types of digital coins, including Ethereum (ETH), Polygon (MATIC), Shiba Inu (SHIB), Quant (QNT), GALA and Holo (HOT).

The affected wallet was “hot,” meaning it was accessible through the open internet, Bitrue said.

“Please note that the affected hot wallet only contained less than 5% of Bitrue’s overall funds. The rest of our wallets continue to remain secure and have not been compromised. We are conducting a thorough security review and will update you as we make progress,” the company said in a statement.

The platform has temporarily suspended all withdrawals while it conducts more security checks and plans to reopen for customers on April 18.

Bitrue did not specify how many of its own wallets are hot or are maintained "cold," meaning they would be kept offline in a storage device.

Any user who had funds stolen will be compensated fully, the company said. Blockchain security firm PeckShield has been tracking the funds and said the attacker has already converted a portion of the funds into Ethereum.

This is not the first time Bitrue has been attacked. In June 2019, a hacker stole nearly $5 million by exploiting a vulnerability in the platform. Customers were repaid for the funds that were lost at the time.

The attack comes days after decentralized finance platform Yearn Finance announced that almost $11 million was stolen in a cyberattack.