$4 500 000 USD

JUNE 2019




"Bitrue is the most secure and advanced online platform for buying, selling, transferring, and storing digital currency." "Bitrue exchange is established by a group of blockchain enthusiasts and focus on cryptocurrency trading. We [are] dedicate[d] to providing safe and convenient service for cryptocurrency trading, and being the best aggregator of qualified cryptocurrency all over the world." "We have offices in US, Europe and Asia Pacific. We make our collective knowledge, experience and global network available to our users."


"At approximately 1am June 27 (GMT+8), a hacker exploited a vulnerability in Bitrue's Risk Control team's 2nd review process to access the personal funds of about 90 Bitrue users. The hacker used what they learned from this breach to then access the Bitrue hot wallet and move 9.3 million XRP and 2.5 million ADA to different exchanges."


"[H]ackers stole $4.5 million in personal funds from 90 users of Singapore-based cryptocurrency exchange Bitrue. They accessed Bitrue’s hot wallet, which is connected to the internet and is easily accessible, unlike a cold wallet, which is stored offline and therefore cannot be hacked." "Bitrue further detailed that 9.3 million XRP, worth $4.01 million, and 2.5 million cardano (ADA), worth $231,800, had been accessed and transferred off its platform." "According to the release, the breach affected just 90 users, each of which had an average of $50,000 stolen from their wallets."


"Bitrue’s first action was to shut down all activity on the platform." "The website’s homepage was replaced with a message saying Bitrue is currently undergoing “scheduled maintenance.”" "Bitrue is being applauded by the crypto community for its swift, professional response to the incident. The exchange promptly detected the attack and immediately responded to the security breach to mitigate the loss of further funds."


"According to the Bitrue team, 100 percent of lost funds will be returned to users and it is working to ensure that a similar security breach does not happen in the future." "[P]lease let us assure you that this situation is under control, 100% of lost funds will be returned to users, and we are reviewing our security measures and policies to ensure this does not happen again."


"The hacker quickly sent those funds to different exchanges." "Bitrue conducted an analysis of the hacker’s activity and was able to determine which exchanges the funds were being sent to." "Luckily all transactions were visible on the blockchain and Bitrue teamed up with Houbi, Bittrex, and ChangeNOW to freeze the addresses that received the coins." "Bitrue is working with the Huobi, Bittrex and ChangeNOW exchanges and says they have frozen funds and accounts associated with the hack."


"The attack was soon detected, and activity was temporarily suspended on Bitrue. We alerted the receiving exchanges about the situation, and wish to extend our thanks to @HuobiGlobal, @BittrexExchange and @ChangeNOW_io for their help in freezing the affected funds and accounts."


"Right now we are conducting an emergency inspection of the exchange and hope to be live again as soon as possible with log in & trading functionality. Withdrawals will be offline for a slightly longer period while we continue investigating the situation."


"Bitrue is now working with authorities in Singapore to help track down the hackers and potentially recover the stolen funds where possible." "We have also contacted the relevant authorities in Singapore to assist us in tracking down the culprit and retrieving the stolen funds. We will update everyone when we have more news to share."


"The team also released a funds tracker, allowing users to track the movement of stolen XRP." "The flow of the stolen funds can be tracked [on the XRP blockchain]. If you have any information about this breach, please contact us at support@bitrue.com or DM us on twitter, @BitrueOfficial"


"@Exmo_Com have let us know that they were also able to freeze some of the funds that the hackers took, and we will work together to recover them. Thank you so much for your help EXMO!"


"Bitrue said it is conducting an emergency inspection of its systems and aims to be up and running normally again "as soon as possible."" "The team says they will be up and running in no time."


"While Bitrue is communicating openly about the hack, it originally confused users after it announced it would be performing unscheduled “temporary maintenance,” that would last “about 15-18 hours.”" "Please note that at the time, due to uncertainty about the current situation, we stated that the exchange was going down for some unplanned maintenance. We apologize for this miscommunication with our users." "Once again, I want to assure everybody that their personal funds are insured, and anybody affected by this breach will have their funds replaced by us as soon as possible."


"We're happy to announce that log in & trading services are live again on Bitrue. Additionally, any user accounts that were affected by the breach have had their assets replaced, as per the Bitrue insurance policy. Thank you so much to everyone who has supported us."


"If you deposited funds during the downtime, they will not arrive until our deposit function is back online. This will happen alongside withdrawals coming back online, which will be within 3 working days. We'll update with more info when we can."


"We are going to make sure that deposits are available at the time that BTR trading goes live. If need be, this means that we will push the launch of BTR trading back slightly. We'll work hard to avoid this happening, but we want everyone to know that it is a possibility."


"Since the hack occurred, both Ripple and Cardano have witnessed significant losses, with both cryptocurrencies down more than 10% in the last 24 hours, alongside the cryptocurrency market in general. As it stands, it doesn’t appear that the hack is directly responsible for the recent crash."


"Huobi, Bittrex and ChangeNOW froze the funds on their exchanges, totaling approximately $1.35 million. This frozen amount should be recoverable by Bitrue in the future after working with the authorities and exchanges."


"After recovering the frozen assets, the net loss to Bitrue will be $3.15 million USD. This total includes $1.89 million USD lost from individual user accounts, and $1.26 million USD lost from Bitrue’s own hot wallet. The funds lost by user accounts were insured and were replaced from Bitrue’s own wallet."


"Withdrawal and deposit services were down for longer, but came back online early on July 4. Full service took a little longer than expected — we add XRP to accounts by scanning the XRP ledger for funds sent to our wallet. When Bitrue came back up we had to scan every block since the time that we went down until now. All 165,000 blocks that were created during the downtime have now been scanned & users have been credited."


"After working around the clock we are pleased to say that deposits and withdrawals are online in Bitrue in time for BTR trading to go live!"


"We are going to phase out the existing API keys for our API users on July 5 11:00 (GMT+8), as an extra security measure. Users will be able to apply for new API keys afterwards."


"To improve the transparency of our operations and increase the level of trust in our exchange, we are currently building a new multi-sig secure wallet which will contain our insurance fund. This insurance fund will contain within it an amount of assets that exceeds the value of the coins that remain within our hot wallets at any one time. In the unlikely event of a security breach resulting in user funds being taken from our hot wallets, users will be reimbursed using this insurance fund."


"As we previously promised, we have now finished establishing our new wallets containing our insurance funds. These new wallets are multi-sig and contain within them an amount of assets that exceeds the value of the coins that remain within our hot wallets at any one time. In the unlikely event of a security breach resulting in user funds being taken from our hot wallets, users will be reimbursed using this insurance fund. We are the first exchange to keep these addresses open for public viewing, as we believe full transparency is the best way for our users to build faith in us."

Singapore-based cryptocurrency exchange Bitrue was another exchange which suffered a hot wallet breach, apparently managing to bypass the review process of their Risk Control team. Bitrue has notified that all customers will be fully refunded and reportedly improved security significantly. A large portion of the lost funds were successfully frozen and returned through other platforms Huobi, Bittrex and ChangeNOW.


Last year, Bitrue set up hot wallet insurance with published addresses and balances. However, the assets in the fund are Ripple (currently undergoing a SEC litigation in the US) and Bitrue's own BTR token. It's entirely possible for a hack to coincide with challenges accessing the liquidity of these funds.


If it can’t be put in a proper offline multi-signature wallet, it can’t be depended upon to stay intact. Bitrue has now implemented a form of self-insurance on their assets, which should help significantly. One way to improve that system would be to have the insurance in a currency which is highly liquid, not tied to their platform, and not the subject of ongoing litigation with the SEC.


Check Our Framework For Safe Secure Exchange Platforms

Upbit Is the Seventh Major Crypto Exchange Hack of 2019 - CoinDesk (Feb 4)
The biggest cryptocurrency scams and arrests of 2019 - Business Insider (Feb 15)
Most Significant Hacks of 2019 — New Record of Twelve in One Year (Feb 23)
SlowMist Hacked - SlowMist Zone (Jun 26)
The 23 exchange hacks of 2019 (Aug 8)
@BitrueOfficial Twitter (Sep 29)
@BitrueOfficial Twitter (Sep 29)
Bitrue - Leading Digital Assets Exchange (Sep 15)
About Us (Sep 15)
Singapore Exchange Bitrue Hacked for Over $4 Million in Crypto - CoinDesk (Dec 12)
https://bitrue.zendesk.com/hc/en-001/articles/360046727794 (Dec 12)
https://bitrue.zendesk.com/hc/en-001/articles/360049715433-Bitrue-s-New-Insurance-Wallet-Is-Live (Dec 12)
XRPL Explorer (Dec 12)
https://www.altcoinbuzz.io/cryptocurrency-news/finance-and-funding/bitrue-hacked-for-4-2-million-in-xrp-and-ada-assets/ (Dec 12)
https://www.pymnts.com/cryptocurrency/2019/major-crypto-hacks/ (Dec 12)
@BitrueOfficial Twitter (Dec 12)
rwSvajJ4ZNhjgzcfaJWkEuLh4VURTFHuka (Dec 12)
@BitrueOfficial Twitter (Dec 12)
Singapore-based Cryptocurrency Exchange Bitrue Hacked for $4.5 Million - BeInCrypto (Dec 12)
https://www.ccn.com/hackers-steal-4-million-in-xrp-and-ada-from-singaporean-crypto-exchange-bitrue/ (Dec 12)
Were Back Online Stronger Than Ever (Dec 12)
A Comprehensive List of Cryptocurrency Exchange Hacks - SelfKey (Dec 12)
Singapore Exchange Bitrue Hacked for Over $4 Million in Crypto (Dec 12)
Hacker steals $4.5 million from Bitrue cryptocurrency exchange | ZDNet (Dec 12)
Hackers breach cryptocurrency exchange Bitrue for $4.2M in Ripple and Cardano (Dec 12)
@BitrueOfficial Twitter (Dec 12)
Exchanges’ response to Bitrue hack shows maturing industry » Brave New Coin (Dec 12)
@ChangeNOW_io Twitter (Jul 11)

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.