Deribit Hack: $28 Million Stolen in Hot Wallet Attack

Summary

On November 1, 2022, Deribit, a cryptocurrency derivatives exchange, was hacked for $28 million. The attacker gained access to the exchange’s hot wallet, which contains a small portion of the exchange’s user funds that are kept online for fast withdrawals.

Attackers

The identity of the attacker(s) is unknown.

BTC

ETH and USDC

Losses

The attackers stole ~691 Bitcoin (BTC), ~6,947 Ether (ETH) and ~$3,394,823 USDC from the hot wallet, worth approximately $28 million at the time of the attack.

Timeline

Security Failure Causes

  • Lack of multi-signature wallets: Deribit’s hot wallet was not protected by multi-signature security, which would have required multiple people to approve withdrawals. This made it easier for the attacker to gain access to the wallet and withdraw the funds.
  • Insufficient security measures: Deribit did not have sufficient security measures in place to protect its hot wallet. This included weak passwords and poor access control.
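
The multi-signature control named in the first cause above, sketched as an M-of-N approval check on a hot-wallet withdrawal. This is an added example, not Deribit's code: the approver names, keys, 2-of-3 threshold and withdrawal fields are constructed, and HMAC tags stand in for the per-signer asymmetric signatures a real multi-signature wallet uses.

```python
import hashlib
import hmac
import json

# Constructed approver keys (assumption). In a real multi-signature wallet each
# signer holds a private key and the verifier sees only public keys.
APPROVER_KEYS = {
    "ops-1": b"constructed-key-1",
    "ops-2": b"constructed-key-2",
    "risk-1": b"constructed-key-3",
}
THRESHOLD = 2  # hypothetical 2-of-3 policy

def digest(withdrawal):
    """Canonical hash of the request; every approval is bound to this exact content."""
    return hashlib.sha256(json.dumps(withdrawal, sort_keys=True).encode()).digest()

def approve(approver, withdrawal):
    """One approver's tag over the withdrawal digest."""
    tag = hmac.new(APPROVER_KEYS[approver], digest(withdrawal), hashlib.sha256).digest()
    return approver, tag

def authorize(withdrawal, approvals, threshold=THRESHOLD):
    """True only if `threshold` distinct, known approvers approved this exact withdrawal."""
    d = digest(withdrawal)
    valid = set()  # a set, so one approver repeated cannot reach the quorum
    for approver, tag in approvals:
        key = APPROVER_KEYS.get(approver)
        if key is None:
            continue  # unknown approver: ignored
        expected = hmac.new(key, d, hashlib.sha256).digest()
        if hmac.compare_digest(expected, tag):
            valid.add(approver)
    return len(valid) >= threshold

# Constructed sample request and a copy with the destination swapped.
SAMPLE = {"asset": "BTC", "amount": "1.5", "to": "constructed-address-A", "nonce": 1}
REDIRECTED = dict(SAMPLE, to="constructed-address-B")

if __name__ == "__main__":
    two = [approve("ops-1", SAMPLE), approve("risk-1", SAMPLE)]
    print("two distinct approvers:", authorize(SAMPLE, two))
    print("one approver repeated:", authorize(SAMPLE, [two[0], two[0]]))
    print("approvals replayed on altered request:", authorize(REDIRECTED, two))
```

With a single-key hot wallet, holding that one credential is enough to withdraw; here one compromised approver key, or approvals captured for a different request, do not meet the threshold.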