Summary: # On April 14, 2023, cryptocurrency exchange Bitrue was hacked, resulting in the theft of cryptocurrencies worth approximately $23 million. Hackers gained access to the exchange’s hot wallets and stole various cryptocurrencies, including ETH, SHIB, QNT, HOT, MATIC, and GALA.
Attackers: # The identity of the hackers who carried out the attack on Bitrue is unknown.
Bitrue Drainer wallet: 0x1819ede3b8411ebc613f3603813bf42ae09ba5a5
Losses: # Bitrue estimated the losses from the hack to be approximately $23 million.
...
Summary # On April 9, 2023, South Korean cryptocurrency exchange GDAC was hacked, resulting in the theft of cryptocurrencies worth approximately $13 million. Hackers gained access to the exchange’s hot wallets and stole various cryptocurrencies, including Bitcoin (BTC), Ethereum (ETH), and Wemix (WEMIX).
Attackers # The attackers behind the GDAC hack remain unidentified.
GDAC Hacker ETH wallets:
0x244615D99684175d31369332039b2D84ce925EC5 0x57192cca8b8e4beb77f3466c6d0550e64cc53b0f Losses # GDAC lost approximately $13 million:
10,000,000 WEMIX 220,000 USDT 350 ETH 60.
...
Summary # CoinDeal is a defunt cryptocurrency exchange. In January 2023, the U.S. Securities and Exchange Commission (SEC) charged six individuals and two companies for their involvement in a fraudulent investment scheme called CoinDeal, which raised over $45 million from sales of unregistered securities to tens of thousands of investors worldwide. The defendants falsely claimed that investors could generate significant returns by investing in a blockchain technology called CoinDeal, which would be sold for trillions of dollars to a group of wealthy buyers.
...
Summary # On November 1, 2022, Deribit, a cryptocurrency derivatives exchange, was hacked for $28 million. The attacker gained access to the exchange’s hot wallet, which contains a small portion of the exchange’s user funds that are kept online for fast withdrawals.
Attackers # The identity of the attacker(s) is unknown.
BTC
Deribit hacker 1: bc1q2dequzmk5vk8nmmrata8nq4y0zgqn4vc0n2h8y Deribit hacker 2: bc1qw5g8lw4kzltpdcraehy2dt6dqda8080xd6vhl4kg4wwsypwerg9s3x6pvk ETH and USDC
Deribit hacker 1: 0xb0606f433496bf66338b8ad6b6d51fc4d84a44cd Deribit hacker 2: 0x8d08aad4b2bac2bb761ac4781cf62468c9ec47b4 Losses # The attackers managed to steal ~691 Bitcoin (BTC) and ~6,947 Ether (ETH) and ~$3,394,823 USDC from the hot wallet, worth approximately $28 million at the time of the attack.
...
Summary # On September 20, 2022, Wintermute, a London-based algorithmic market maker offering liquidity across Centralized Finance (CeFi) and Decentralized Finance (DeFi) exchanges and over-the-counter (OTC) deals, was the victim of a security breach. The exploit resulted in a loss of approximately $160 million, impacting 90 different assets including stable coins, Bitcoin, Ether, and various altcoins. The attack was executed through a brute force private key compromise Source. The suspected vulnerability originated from Profanity, a service Wintermute used for generating vanity addresses, despite efforts to blacklist their Profanity-associated accounts after the vulnerability became known.
...
Summary # On February 1, 2022, BitBNS, an Indian crypto exchange, fell victim to a hacking incident resulting in the loss of $8 million. The exploit was made possible through a vulnerability in their AWS (Amazon Web Services) cloud storage, allowing the attacker to access the exchange’s private keys and steal funds. BitBNS initially attempted to hide the breach from users by tweeting about “system maintenance in progress.” The CEO later admitted to concealing the incident, stating that the decision was made following law enforcement advice.
...
Summary # On January 8, 2023, cryptocurrency exchange LCX was hacked, resulting in the theft of cryptocurrencies $8 million. Hackers gained access to the exchange’s hot wallets and stole various cryptocurrencies, including ETH, USDC, SAND, LINK, QNT, ENJ, and MKR.
Attackers # The identity of the hackers who attacked LCX is unknown.
Hacker ETH Wallets:
0x165402279F2C081C54B00f0E08812F3fd4560A05 0x29875bd49350aC3f2Ca5ceEB1c1701708c795FF3 Losses # LCX estimated the losses from the hack to be $8 million.
...
Summary # On December 11, 2021, AscendEX, a cryptocurrency exchange, was the victim of a hot wallet breach that resulted in the loss of $77 million. The attacker gained access to one of the exchange’s hot wallets, used to store user funds available for withdrawal.
Attackers # The identity of the attacker(s) remains unknown.
Wallet addresses to which assets were transferred:
ERC20: 0x2c6900b24221de2b4a45c8c89482fff96ffb7e55 Polygon: 0x2c6900b24221de2b4a45c8c89482fff96ffb7e55 BSC: 0x2c6900b24221de2b4a45c8c89482fff96ffb7e55 LTC: LSvQWLf2kGm7UdXtwKvNj4GU1B4xKWUQXR BCH: qp2x5rnn2fkraxcp4hr6suqmnpdehfaaaqn3tv6jke Losses # The attackers managed to steal approximately $77 million worth of assets from the AscendEX network.
...
Summary # On December 4, 2021, BitMart Exchange, a global cryptocurrency platform operating in 180+ countries, fell victim to a significant security breach. The attacker extracted approximately $196 million worth of various digital assets from the hot wallets of the exchange across two networks: Binance Smart Chain (BSC) - $96 million, and Ethereum - $100 million. The primary targets were meme-based tokens, such as SHIB and SAFEMOON. The attacker converted the stolen tokens into ETH and BNB via 1inch and laundered these assets using TornadoCash.
...
Summary # On August 28, 2021, Bilaxy, a Seychelles-based centralized exchange, experienced a security breach, resulting in a loss of approximately $21 million. The attacker compromised Bilaxy’s hot wallet and transferred roughly 300 tokens, including notable cryptocurrencies such as USDT, USDC, UNI, and Bilaxy Token(BIA), among others. As of August 16, 2023, the attacker still controls various tokens worth roughly $3,628,005.
Attackers # The identity of the attackers remains unknown.
...