Quadriga Initiative Logo.png

QUADRIGA INITIATIVE

CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM

A COMMUNITY-BASED, NOT-FOR-PROFIT

$28 000 000 USD

NOVEMBER 2022

GLOBAL

DERIBIT

DESCRIPTION OF EVENTS

"Cryptocurrency options and futures exchange Deribit has been hacked, with $28 million being drained from its hot wallet."

 

"Deribit hot wallet compromised, but client funds are safe and loss is covered by company reserves

 

Our hot wallet was hacked for USD 28m earlier this evening just before midnight UTC on 1 November 2022."

 

"Client assets, Fireblocks or any of the cold storage addresses are not affected. It's company procedure to keep 99% of our user funds in cold storage to limit the impact of these type of events.

 

The hack is isolated & quarantined to our BTC, ETH and USDC hot wallets."

 

"We are performing ongoing security checks and have to halt withdrawals including third-party custodians Copper Clearloop and Cobo until we are confident all is safe to re-open."

 

"Deposits already sent will still be processed and after the required number of confirmations, they will be credited to accounts."

 

"We have raised the minimum number of confirmations for the moment causing a delay in crediting funds. Until we open wallets again we request you not to send new deposits."

 

"The insurance fund will not be impacted, the loss will be paid by company reserves. Deribit remains in a financially sound position and ongoing operations will not be impacted."

 

"During an appearance on CoinDesk TV on Wednesday, Deribit's chief commercial officer, Luuk Strijers, said client assets have not been affected but withdrawals have been temporarily halted as the exchange makes security checks."

 

""Hackers have gained access to our wallet server, which enabled them to initiate withdrawals from our hot wallet," Strijers said. "We keep 99% of our assets in cold storage and only 1% in hot wallets. The hacker gained access to these hot wallets."

 

"Strijers also revealed that the entirety of the loss will be covered by Deribit's balance sheet assets, which are separate from the company's $40 million insurance fund."

Cryptocurrency options and futures exchange Deribit experienced a hack in which $28 million was stolen from its hot wallet. The incident occurred just before midnight UTC on November 1, 2022. Fortunately, client assets and cold storage addresses, including those of third-party custodians, remain unaffected by the hack. Deribit follows a protocol of keeping 99% of user funds in cold storage to minimize the impact of such events. To ensure security, Deribit has temporarily halted withdrawals, including those of third-party custodians, while they conduct ongoing security checks.

Crypto Exchange Deribit Loses $28M in Hot Wallet Hack, Pauses Withdrawals (Nov 13)
Deribit Hacker Has Started Moving the Stolen $28M to Tornado Cash (Sep 14)
Deribit hackers move stolen Ether to Tornado Cash crypto mixer (Sep 14)
@DeribitExchange Twitter (Sep 14)
Deribit Hotwallet Exploiter | Address 0xb0606f433496bf66338b8ad6b6d51fc4d84a44cd | Etherscan  (Sep 14)
Ethereum Transaction Hash (Txhash) Details | Etherscan  (Sep 14)

Sources And Further Reading

More case studies

Binance Bridge
Forged Proof Exploit

FTX Exchange Collapse
and Bankruptcy

 For questions or enquiries, email info@quadrigainitiative.com.

Get Social

  • email
  • reddit
  • telegram
  • Twitter

© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.