Deribit Hack: $28 Million Stolen in Hot Wallet Attack

November 1, 2022

Summary #

On November 1, 2022, Deribit, a cryptocurrency derivatives exchange, was hacked for $28 million. The attacker gained access to the exchange’s hot wallet, which contains a small portion of the exchange’s user funds that are kept online for fast withdrawals.

Attackers #

The identity of the attacker(s) is unknown.

BTC

Deribit hacker 1: bc1q2dequzmk5vk8nmmrata8nq4y0zgqn4vc0n2h8y
Deribit hacker 2: bc1qw5g8lw4kzltpdcraehy2dt6dqda8080xd6vhl4kg4wwsypwerg9s3x6pvk

ETH and USDC

Deribit hacker 1: 0xb0606f433496bf66338b8ad6b6d51fc4d84a44cd
Deribit hacker 2: 0x8d08aad4b2bac2bb761ac4781cf62468c9ec47b4

Losses #

The attackers managed to steal ~691 Bitcoin (BTC) and ~6,947 Ether (ETH) and ~$3,394,823 USDC from the hot wallet, worth approximately $28 million at the time of the attack.

Timeline #

November 1, 2022, 11:56 PM +UTC: The attacker gains access to the exchange’s hot wallet and withdraws 691 BTC and 9,080 ETH.
November 2, 2022, 07:03 AM +UTC: Deribit halts withdrawals and announces the hack.

Security Failure Causes #

Lack of multi-signature wallets: Deribit’s hot wallet was not protected by multi-signature security, which would have required multiple people to approve withdrawals. This made it easier for the attacker to gain access to the wallet and withdraw the funds.
Insufficient security measures: Deribit did not have sufficient security measures in place to protect its hot wallet. This included weak passwords and poor access control.

Market Health Metrics API

Benford's Law

Volume distribution analysis

Time-of-Trade

Buy/Sell Ratio

VWAP

Attack Types

Entity Types

Target Entities

51% Attacks

Custodian Attacks

Flash Loan Attacks

Lockout Scams

Phishing Attacks

Reentrancy Attacks

Rug Pull Scam