TechRepubli
A mysterious hacker (or group of hackers) managed to steal over $4.5 million worth of cryptocurrency from Bitrue, a Singapore-based trading platform.
The hacker stole 9.3 million Ripple (XRP) coins and 2.5 million Cardano (ADA) coins, worth $4.25 million and $225,000, respectively.
Admins admitted to the hack, in a statement posted on the company's Twitter account and Telegram channel.
Per Bitrue's statement, administrators detected the hack and immediately shut down trading on their platform, putting the site in maintenance mode while they investigated what was happening.
The exchange's website is still down at the time of writing, but the company said it anticipates that it will resume trading "within a few hours," according to an update posted on the same social media channels minutes before this article's publication.
Bitrue promises to reimburse victims
Administrators say they've also tracked down the theft, which they have linked to an unauthorized transaction that exfiltrated funds from the exchange's hot wallet (used for real-time transactions) to accounts at several other cryptocurrency exchange platforms.
Bitrue said it's working with Bittrex, ChangeNOW, and Huobi to recover the funds from their respective platform.
"Please let us assure you that this situation is under control, 100% of lost funds will be returned to users," Bitrue said in its statement.
"We have also contacted the relevant authorities in Singapore to assist us in tracking down the culprit and retrieving the stolen funds."
Bitrue is a Top 100 cryptocurrency exchange, according to CoinMarketCap's daily exchange rankings.
Today's hack is the exchange's second security incident this year. In January, Bitrue admins also acknowledged to falling victim to a 51% attack during which an attacker exfiltrated over 13,000 Ethereum Classic (ETC) coins worth over $100,000 from the platform's accounts. That attack, however, was thwarted.
💔‼️Ethereum Classic (ETC) 51% Attack Detected On @BitrueOfficial
— Bitrue (@BitrueOfficial) January 8, 2019
We've experienced an ETC 51% attack yesterday morning. The attacker tried to withdraw 13,000 ETC from our platform but got halted by our system. As demonstrated below: pic.twitter.com/V7YWzkldIv
How to spot a fake ICO (in pictures)
More data breach coverage:
- Mermaids transgender charity data breach exposed confidential emails
- Data of 645k Oregonians exposed after 9 DHS employees fell for a phishing attack
- Ad agency leaks data on US military veterans' combat injuries
- NASA hacked because of unauthorized Raspberry Pi connected to its network
- Desjardins, Canada's largest credit union, announces security breach
- Meds prescriptions for 78,000 patients left in a database with no password
- Facebook passwords by the hundreds of millions sat exposed in plain text CNET
- The largest cybersecurity breaches of the past three years TechRepublic