Cayman-registered crypto exchange BitMart has lost at least US$150 million after a security breach.
The company suspended withdrawals on Sunday, 5 Dec. after it reported the day before that hackers were able to take US$150 million in crypto assets using a stolen private key.
The company’s CEO, Sheldon Xia, said in a notice, that BitMart has “identified a large-scale security breach related to one of our ETH (ether) hot wallets and one of our BSC (Binance Smart Chain) hot wallets”.
He said all of the exchange’s other wallets were secure and unharmed.
Crypto hot wallets, unlike cold wallets, are connected to the internet. This makes them more convenient to use but also less secure.
A cryptocurrency wallet consists of a set of public addresses and private encryption keys. While cryptocurrency can be deposited in a public address, it cannot be removed without the secret private key.
“BitMart will use our own funding to cover the incident and compensate affected users,” Xia said in a second notice on the company’s website on 6 Dec. “We are also talking to multiple project teams to confirm the most reasonable solutions such as token swaps. No user assets will be harmed.”
He added that deposit and withdrawal functions of the exchange would gradually resume on Tuesday, 7 Dec, once the company has retrieved security set-ups and restored operations.
Only last week, BitMart closed a Series B funding round, led by the New York-based private equity firm Alexander Capital Ventures, with a US$300 million valuation.
The company says it has more than 9 million users worldwide and is ranked among the top 15 crypto exchanges on CoinGecko.
Although the company is widely described in media reports as headquartered in the Cayman Islands, it is registered in Cayman but has offices in Singapore, New York, Hong Kong and Seoul.
Peckshield, a security firm, first publicised the breach on Saturday. It estimates that crypto assets worth closer to US$200 million were stolen in various cryptocurrencies on the Ethereum blockchain and Binance Smart Chain. In total, hackers are believed to have stolen more than 20 types of tokens.
Related Videos
