Hacker steals $4.5 million from Bitrue cryptocurrency exchange

Hackers stole $4.25 million worth of Ripple coins and $225,000 worth of Cardano coins.
Written by Catalin Cimpanu, Contributor

A mysterious hacker (or group of hackers) managed to steal over $4.5 million worth of cryptocurrency from Bitrue, a Singapore-based trading platform.

The hacker stole 9.3 million Ripple (XRP) coins and 2.5 million Cardano (ADA) coins, worth $4.25 million and $225,000, respectively.

Admins admitted to the hack, in a statement posted on the company's Twitter account and Telegram channel.

Per Bitrue's statement, administrators detected the hack and immediately shut down trading on their platform, putting the site in maintenance mode while they investigated what was happening.

The exchange's website is still down at the time of writing, but the company said it anticipates that it will resume trading "within a few hours," according to an update posted on the same social media channels minutes before this article's publication.

Bitrue promises to reimburse victims

Administrators say they've also tracked down the theft, which they have linked to an unauthorized transaction that exfiltrated funds from the exchange's hot wallet (used for real-time transactions) to accounts at several other cryptocurrency exchange platforms.

Bitrue said it's working with Bittrex, ChangeNOW, and Huobi to recover the funds from their respective platform.

"Please let us assure you that this situation is under control, 100% of lost funds will be returned to users," Bitrue said in its statement.

"We have also contacted the relevant authorities in Singapore to assist us in tracking down the culprit and retrieving the stolen funds."

Bitrue is a Top 100 cryptocurrency exchange, according to CoinMarketCap's daily exchange rankings.

Today's hack is the exchange's second security incident this year. In January, Bitrue admins also acknowledged to falling victim to a 51% attack during which an attacker exfiltrated over 13,000 Ethereum Classic (ETC) coins worth over $100,000 from the platform's accounts. That attack, however, was thwarted.

How to spot a fake ICO (in pictures)

More data breach coverage:

Editorial standards