BitMart Hot Wallet Security Breach: Difference between revisions

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search
(Created page with "{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/bitmarthotwalletsecuritybreach.php}} thumb|BitMartBitMart is one of the largest cryptocurrency exchange platforms in the globe. On December 4th, two of their hot wallets were breached and $196m worth of various assets were rapidly withdrawn. After the initial confusion, the company started their investigation. Limited information has been revealed publicly, however the company...")
 
No edit summary
Line 1: Line 1:
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/bitmarthotwalletsecuritybreach.php}}
{{Imported Case Study|source=https://www.quadrigainitiative.com/casestudy/bitmarthotwalletsecuritybreach.php}}
{{Unattributed Sources}}


[[File:Bitmart.jpg|thumb|BitMart]]BitMart is one of the largest cryptocurrency exchange platforms in the globe. On December 4th, two of their hot wallets were breached and $196m worth of various assets were rapidly withdrawn. After the initial confusion, the company started their investigation. Limited information has been revealed publicly, however the company has stated they will be fully compensating all affected users.
[[File:Bitmart.jpg|thumb|BitMart]]BitMart is one of the largest cryptocurrency exchange platforms in the globe. On December 4th, two of their hot wallets were breached and $196m worth of various assets were rapidly withdrawn. After the initial confusion, the company started their investigation. Limited information has been revealed publicly, however the company has stated they will be fully compensating all affected users.


This exchange or platform is based in Cayman Islands, or the incident targeted people primarily in Cayman Islands.
This exchange or platform is based in Cayman Islands, or the incident targeted people primarily in Cayman Islands.
<ref name="coindesk-4676" /><ref name="etherscan-4677" /><ref name="etherscan-4678" /><ref name="peckshieldtwitter-4679" /><ref name="milianistatkovtwitter-4680" /><ref name="sheldonbitmarttwitter-4681" /><ref name="sheldonbitmarttwitter-4682" /><ref name="sheldonbitmarttwitter-4683" /><ref name="sheldonbitmarttwitter-4684" /><ref name="sheldonbitmarttwitter-4685" /><ref name="sheldonbitmarttwitter-4686" /><ref name="sheldonbitmarttwitter-4687" /><ref name="bmxfundsupport-4688" /><ref name="bitmartexchangetwitter-4689" /><ref name="cryptonomist-4690" /><ref name="aibcworld-4691" /><ref name="thewebserv-4692" /><ref name="thedavey92twitter-4693" /><ref name="thedavey92twitter-4694" /><ref name="bitmartexchangemedium-4695" /><ref name="peckshieldtwitter-4696" /><ref name="bitmart-2777" /><ref name="bitmart-2778" /><ref name="bitmartexchangemedium-4697" /><ref name="bitmartexchangemedium-4698" /><ref name="bitmartexchangemedium-4699" /><ref name="bitmartexchangemedium-4700" /><ref name="bmxfundsupport-4701" /><ref name="pymnts-4702" /><ref name="cnbc-4703" /><ref name="peckshieldtwitter-4704" /><ref name="cpomagazine-4705" /><ref name="certikorgtwitter-5334" /><ref name="rektnews-7841" /><ref name="cryptonews-9847" /><ref name="cryptonews-9851" /><ref name="cryptonews-9850" />


== About BitMart ==
== About BitMart ==
Line 129: Line 131:


== References ==
== References ==
[https://www.coindesk.com/business/2021/12/05/crypto-exchange-bitmart-hacked-with-losses-estimated-at-196-million/ Crypto Exchange BitMart Hacked With Losses Estimated at $196M] (Dec 4)
<references><ref name="coindesk-4676">[https://www.coindesk.com/business/2021/12/05/crypto-exchange-bitmart-hacked-with-losses-estimated-at-196-million/ Crypto Exchange BitMart Hacked With Losses Estimated at $196M] (Dec 5, 2021)</ref>


[https://etherscan.io/address/0x68b22215ff74e3606bd5e6c1de8c2d68180c85f7 Address 0x68b22215ff74e3606bd5e6c1de8c2d68180c85f7 | Etherscan] (Dec 21)
<ref name="etherscan-4677">[https://etherscan.io/address/0x68b22215ff74e3606bd5e6c1de8c2d68180c85f7 Address 0x68b22215ff74e3606bd5e6c1de8c2d68180c85f7 | Etherscan] (Dec 22, 2021)</ref>


[https://etherscan.io/address/0x39fb0dcd13945b835d47410ae0de7181d3edf270 Address 0x39fb0dcd13945b835d47410ae0de7181d3edf270 | Etherscan] (Dec 21)
<ref name="etherscan-4678">[https://etherscan.io/address/0x39fb0dcd13945b835d47410ae0de7181d3edf270 Address 0x39fb0dcd13945b835d47410ae0de7181d3edf270 | Etherscan] (Dec 22, 2021)</ref>


[https://twitter.com/peckshield/status/1467316799977193476 @peckshield Twitter] (Dec 21)
<ref name="peckshieldtwitter-4679">[https://twitter.com/peckshield/status/1467316799977193476 @peckshield Twitter] (Dec 22, 2021)</ref>


[https://twitter.com/MilianIstatkov/status/1467301626528636936 @MilianIstatkov Twitter] (Dec 21)
<ref name="milianistatkovtwitter-4680">[https://twitter.com/MilianIstatkov/status/1467301626528636936 @MilianIstatkov Twitter] (Dec 22, 2021)</ref>


[https://twitter.com/sheldonbitmart/status/1467316252855226368 @sheldonbitmart Twitter] (Dec 21)
<ref name="sheldonbitmarttwitter-4681">[https://twitter.com/sheldonbitmart/status/1467316252855226368 @sheldonbitmart Twitter] (Dec 22, 2021)</ref>


[https://twitter.com/sheldonbitmart/status/1465446749766574080 @sheldonbitmart Twitter] (Dec 21)
<ref name="sheldonbitmarttwitter-4682">[https://twitter.com/sheldonbitmart/status/1465446749766574080 @sheldonbitmart Twitter] (Dec 22, 2021)</ref>


[https://twitter.com/sheldonbitmart/status/1467316365732233219 @sheldonbitmart Twitter] (Dec 21)
<ref name="sheldonbitmarttwitter-4683">[https://twitter.com/sheldonbitmart/status/1467316365732233219 @sheldonbitmart Twitter] (Dec 22, 2021)</ref>


[https://twitter.com/sheldonbitmart/status/1467722437735428098 @sheldonbitmart Twitter] (Dec 21)
<ref name="sheldonbitmarttwitter-4684">[https://twitter.com/sheldonbitmart/status/1467722437735428098 @sheldonbitmart Twitter] (Dec 22, 2021)</ref>


[https://twitter.com/sheldonbitmart/status/1467722582845702149 @sheldonbitmart Twitter] (Dec 21)
<ref name="sheldonbitmarttwitter-4685">[https://twitter.com/sheldonbitmart/status/1467722582845702149 @sheldonbitmart Twitter] (Dec 22, 2021)</ref>


[https://twitter.com/sheldonbitmart/status/1467722683102208003 @sheldonbitmart Twitter] (Dec 21)
<ref name="sheldonbitmarttwitter-4686">[https://twitter.com/sheldonbitmart/status/1467722683102208003 @sheldonbitmart Twitter] (Dec 22, 2021)</ref>


[https://twitter.com/sheldonbitmart/status/1467722815071739909 @sheldonbitmart Twitter] (Dec 21)
<ref name="sheldonbitmarttwitter-4687">[https://twitter.com/sheldonbitmart/status/1467722815071739909 @sheldonbitmart Twitter] (Dec 22, 2021)</ref>


[https://support.bmx.fund/hc/en-us/articles/4412257835035--Important-Notice-BitMart-Security-Upgrade-New-Deposit-Addresses <nowiki>[Important Notice]  BitMart Security Upgrade - New Deposit Addresses – BitMart</nowiki>] (Dec 21)
<ref name="bmxfundsupport-4688">[https://support.bmx.fund/hc/en-us/articles/4412257835035--Important-Notice-BitMart-Security-Upgrade-New-Deposit-Addresses <nowiki>[Important Notice]  BitMart Security Upgrade - New Deposit Addresses – BitMart</nowiki>] (Dec 22, 2021)</ref>


[https://twitter.com/BitMartExchange/status/1473851924260683776 @BitMartExchange Twitter] (Dec 21)
<ref name="bitmartexchangetwitter-4689">[https://twitter.com/BitMartExchange/status/1473851924260683776 @BitMartExchange Twitter] (Dec 22, 2021)</ref>


[https://en.cryptonomist.ch/2021/12/06/bitmart-hack-users-will-be-refunded/ BitMart hack: users will be reimbursed- The Cryptonomist] (Dec 22)
<ref name="cryptonomist-4690">[https://en.cryptonomist.ch/2021/12/06/bitmart-hack-users-will-be-refunded/ BitMart hack: users will be reimbursed- The Cryptonomist] (Dec 23, 2021)</ref>


[https://aibc.world/news/bitmart-to-compensate-victims-of-150m-hack/ BitMart to compensate victims of $150m hack | AIBC News] (Dec 22)
<ref name="aibcworld-4691">[https://aibc.world/news/bitmart-to-compensate-victims-of-150m-hack/ BitMart to compensate victims of $150m hack | AIBC News] (Dec 23, 2021)</ref>


[https://thewebserv.com/business/bitmart-suspends-withdrawals-after-hackers-drained-almost-200-million-in-cryptocurrencies-using-a-stolen-private-key/ BitMart suspends withdrawals after hackers drained almost $200 million in cryptocurrencies using a stolen private key] (Dec 22)
<ref name="thewebserv-4692">[https://thewebserv.com/business/bitmart-suspends-withdrawals-after-hackers-drained-almost-200-million-in-cryptocurrencies-using-a-stolen-private-key/ BitMart suspends withdrawals after hackers drained almost $200 million in cryptocurrencies using a stolen private key] (Dec 23, 2021)</ref>


[https://twitter.com/TheDavey92/status/1467317715069251593 @TheDavey92 Twitter] (Dec 22)
<ref name="thedavey92twitter-4693">[https://twitter.com/TheDavey92/status/1467317715069251593 @TheDavey92 Twitter] (Dec 23, 2021)</ref>


[https://twitter.com/TheDavey92/status/1467325040068812804 @TheDavey92 Twitter] (Dec 22)
<ref name="thedavey92twitter-4694">[https://twitter.com/TheDavey92/status/1467325040068812804 @TheDavey92 Twitter] (Dec 23, 2021)</ref>


[https://bitmart-exchange.medium.com/bitmart-collaborates-with-hacken-on-blockchain-and-cryptocurrency-security-bbf14d97be52 https://bitmart-exchange.medium.com/bitmart-collaborates-with-hacken-on-blockchain-and-cryptocurrency-security-bbf14d97be52] (Dec 22)
<ref name="bitmartexchangemedium-4695">[https://bitmart-exchange.medium.com/bitmart-collaborates-with-hacken-on-blockchain-and-cryptocurrency-security-bbf14d97be52 https://bitmart-exchange.medium.com/bitmart-collaborates-with-hacken-on-blockchain-and-cryptocurrency-security-bbf14d97be52] (Dec 23, 2021)</ref>


[https://twitter.com/peckshield/status/1467318513971118083 @peckshield Twitter] (Dec 22)
<ref name="peckshieldtwitter-4696">[https://twitter.com/peckshield/status/1467318513971118083 @peckshield Twitter] (Dec 23, 2021)</ref>


[https://www.bitmart.com/ BitMart - Cryptocurrency Exchange | Buy & sell Bitcoin, Ethereum, Tether instantly] (Aug 21)
<ref name="bitmart-2777">[https://www.bitmart.com/ BitMart - Cryptocurrency Exchange | Buy & sell Bitcoin, Ethereum, Tether instantly] (Aug 22, 2021)</ref>


[https://www.bitmart.com/about/en BitMart - Cryptocurrency Exchange | Buy & sell Bitcoin, Ethereum, Tether instantly] (Aug 21)
<ref name="bitmart-2778">[https://www.bitmart.com/about/en BitMart - Cryptocurrency Exchange | Buy & sell Bitcoin, Ethereum, Tether instantly] (Aug 22, 2021)</ref>


[https://bitmart-exchange.medium.com/bitmart-response-to-security-breach-71ccc2200285 https://bitmart-exchange.medium.com/bitmart-response-to-security-breach-71ccc2200285] (Dec 22)
<ref name="bitmartexchangemedium-4697">[https://bitmart-exchange.medium.com/bitmart-response-to-security-breach-71ccc2200285 https://bitmart-exchange.medium.com/bitmart-response-to-security-breach-71ccc2200285] (Dec 23, 2021)</ref>


[https://bitmart-exchange.medium.com/bitmart-takes-action-to-increase-security-and-bolster-defenses-22489023c989 https://bitmart-exchange.medium.com/bitmart-takes-action-to-increase-security-and-bolster-defenses-22489023c989] (Dec 22)
<ref name="bitmartexchangemedium-4698">[https://bitmart-exchange.medium.com/bitmart-takes-action-to-increase-security-and-bolster-defenses-22489023c989 https://bitmart-exchange.medium.com/bitmart-takes-action-to-increase-security-and-bolster-defenses-22489023c989] (Dec 23, 2021)</ref>


[https://bitmart-exchange.medium.com/bitmart-completes-system-maintenance-and-restores-trading-for-additional-tokens-b0d4babf739f https://bitmart-exchange.medium.com/bitmart-completes-system-maintenance-and-restores-trading-for-additional-tokens-b0d4babf739f] (Dec 22)
<ref name="bitmartexchangemedium-4699">[https://bitmart-exchange.medium.com/bitmart-completes-system-maintenance-and-restores-trading-for-additional-tokens-b0d4babf739f https://bitmart-exchange.medium.com/bitmart-completes-system-maintenance-and-restores-trading-for-additional-tokens-b0d4babf739f] (Dec 23, 2021)</ref>


[https://bitmart-exchange.medium.com/bitmart-securely-resumed-deposit-withdrawal-on-multiple-major-mainnets-e2b938611b77 https://bitmart-exchange.medium.com/bitmart-securely-resumed-deposit-withdrawal-on-multiple-major-mainnets-e2b938611b77] (Dec 22)
<ref name="bitmartexchangemedium-4700">[https://bitmart-exchange.medium.com/bitmart-securely-resumed-deposit-withdrawal-on-multiple-major-mainnets-e2b938611b77 https://bitmart-exchange.medium.com/bitmart-securely-resumed-deposit-withdrawal-on-multiple-major-mainnets-e2b938611b77] (Dec 23, 2021)</ref>


[https://support.bmx.fund/hc/en-us/articles/4411998987419-BitMart-Security-Breach-Update BitMart Security Breach Update – BitMart] (Dec 22)
<ref name="bmxfundsupport-4701">[https://support.bmx.fund/hc/en-us/articles/4411998987419-BitMart-Security-Breach-Update BitMart Security Breach Update – BitMart] (Dec 23, 2021)</ref>


[https://www.pymnts.com/cryptocurrency/2021/196-million-dollar-bitmart-hack-puts-crypto-weakness-display/ https://www.pymnts.com/cryptocurrency/2021/196-million-dollar-bitmart-hack-puts-crypto-weakness-display/] (Dec 22)
<ref name="pymnts-4702">[https://www.pymnts.com/cryptocurrency/2021/196-million-dollar-bitmart-hack-puts-crypto-weakness-display/ https://www.pymnts.com/cryptocurrency/2021/196-million-dollar-bitmart-hack-puts-crypto-weakness-display/] (Dec 23, 2021)</ref>


[https://www.cnbc.com/2021/12/05/hackers-take-196-million-from-crypto-exchange-bitmart-in-large-breach.html https://www.cnbc.com/2021/12/05/hackers-take-196-million-from-crypto-exchange-bitmart-in-large-breach.html] (Dec 22)
<ref name="cnbc-4703">[https://www.cnbc.com/2021/12/05/hackers-take-196-million-from-crypto-exchange-bitmart-in-large-breach.html https://www.cnbc.com/2021/12/05/hackers-take-196-million-from-crypto-exchange-bitmart-in-large-breach.html] (Dec 23, 2021)</ref>


[https://twitter.com/peckshield/status/1467310381073047552 @peckshield Twitter] (Dec 22)
<ref name="peckshieldtwitter-4704">[https://twitter.com/peckshield/status/1467310381073047552 @peckshield Twitter] (Dec 23, 2021)</ref>


[https://www.cpomagazine.com/cyber-security/victims-of-bitmart-crypto-theft-to-be-partially-compensated-crypto-exchange-lost-196-million-in-breach-will-return-150-million-to-users/ https://www.cpomagazine.com/cyber-security/victims-of-bitmart-crypto-theft-to-be-partially-compensated-crypto-exchange-lost-196-million-in-breach-will-return-150-million-to-users/] (Dec 22)
<ref name="cpomagazine-4705">[https://www.cpomagazine.com/cyber-security/victims-of-bitmart-crypto-theft-to-be-partially-compensated-crypto-exchange-lost-196-million-in-breach-will-return-150-million-to-users/ https://www.cpomagazine.com/cyber-security/victims-of-bitmart-crypto-theft-to-be-partially-compensated-crypto-exchange-lost-196-million-in-breach-will-return-150-million-to-users/] (Dec 23, 2021)</ref>


[https://mobile.twitter.com/certikorg/status/1467358524254695424 https://mobile.twitter.com/certikorg/status/1467358524254695424] (Jan 7)
<ref name="certikorgtwitter-5334">[https://mobile.twitter.com/certikorg/status/1467358524254695424 https://mobile.twitter.com/certikorg/status/1467358524254695424] (Jan 7, 2022)</ref>


[https://rekt.news/bitmart-rekt/ Rekt - BitMart - REKT] (May 31)
<ref name="rektnews-7841">[https://rekt.news/bitmart-rekt/ Rekt - BitMart - REKT] (May 31, 2022)</ref>


[https://cryptonews.com/news/badger-dao-appears-to-have-lost-over-usd-62m-in-an-attack.htm Badger DAO Appears to Have Lost Over USD 120M in an Attack] (Dec 1)
<ref name="cryptonews-9847">[https://cryptonews.com/news/badger-dao-appears-to-have-lost-over-usd-62m-in-an-attack.htm Badger DAO Appears to Have Lost Over USD 120M in an Attack] (Dec 1, 2022)</ref>


[https://cryptonews.com/news/bitmart-says-it-lost-usd-150m-in-a-hack-suspends-withdrawals.htm Bitmart Says It Lost USD 150M In a Hack, Suspends Withdrawals] (Dec 1)
<ref name="cryptonews-9851">[https://cryptonews.com/news/bitmart-says-it-lost-usd-150m-in-a-hack-suspends-withdrawals.htm Bitmart Says It Lost USD 150M In a Hack, Suspends Withdrawals] (Dec 1, 2022)</ref>


[https://cryptonews.com/news/santa-hackathon-visor-finance-marks-7th-hack-december.htm Santa Hackathon? Visor Finance Marks 7th Hack in December] (Dec 1)
<ref name="cryptonews-9850">[https://cryptonews.com/news/santa-hackathon-visor-finance-marks-7th-hack-december.htm Santa Hackathon? Visor Finance Marks 7th Hack in December] (Dec 1, 2022)</ref></references>

Revision as of 11:47, 28 February 2023

Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' section to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

BitMart

BitMart is one of the largest cryptocurrency exchange platforms in the globe. On December 4th, two of their hot wallets were breached and $196m worth of various assets were rapidly withdrawn. After the initial confusion, the company started their investigation. Limited information has been revealed publicly, however the company has stated they will be fully compensating all affected users.

This exchange or platform is based in Cayman Islands, or the incident targeted people primarily in Cayman Islands. [1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34][35][36][37]

About BitMart

"The most trusted cryptocurrency trading platform. "Our mission is to provide simple and secure crypto products and services. Whether you are an individual or an institution, we want to help you buy, sell, and store your cryptocurrency." "BitMart Exchange is a premier global digital asset trading platform in the cryptocurrency market with over 2 million users worldwide." "BitMart is a Cayman Islands-based centralized cryptocurrency exchange with offices in New York, China, Hong Kong, and Seoul. BitMart is rated 115 among crypto exchanges by Coinmarketcap.com, based on traffic, liquidity, trading volumes, and trust in the validity of stated trade volumes."

"Our vision is to bring cryptocurrency available to everyone everywhere, we believe, the decentralized digital currency will reshape the global economic fundamentally, such financial freedom would bring further economic innovation, efficiency, and equality to the world. But it won’t happen unless we build simple, and secure products for individuals and institutions around the world to discover and interact with this new frontier."

"Only less than 0.5% of our assets are stored in a hot wallet for daily operation in order to strengthen the protection of digital assets." "More than 99% of our funds are stored in offline cold wallets to prevent feature loss and funding from cold wallet requires multiple signatures from several high-level members."

"Global digital asset trading exchange BitMart has recently started a collaboration with Hacken, a leading cybersecurity consulting company, to strengthen BitMart’s security of trading cryptocurrencies for its users all around the world." "Hacken will support BitMart to ensure the platform remains secure by operating cybersecurity assessments to spot potential vulnerabilities and providing solutions accordingly. As for first steps, Hacken Tam will perform penetration and DDOS resistance testing in order to confirm the safety of our users' funds. By applying Hacken's anti-fraud technology, BitMart can provide a hacker-resistant system for securing transactions on the blockchain."

“BitMart values cybersecurity of our exchange platform more than anything,” said Sheldon Xia, CEO at BitMart, “and Hacken’s zero-tolerance to scam and fraud in crypto aligns with our mission to protect our digital assets, personal data of our users from cybercriminals. We are excited to collaborate with Hacken to make the goal of establishing one of the safest cryptocurrency trading environments in the world come true.”

"A tweet from security analysis firm Peckshield first called attention to the alleged hack Saturday night. One of Bitmart’s addresses currently shows steady outflows of entire token balances, some worth tens of millions of dollars, to an address currently labeled by Etherscan as the “Bitmart Hacker”"

"PeckShield initially detected an unusually high number of outbound transfers about 7.30 p.m. UTC. It was discovered that starting at 4.30 p.m. EST, a number of tokens were transferred out of BitMart’s hot wallet. Large quantities of meme tokens, such as Shiba (SHIB), as well as half a million dollars in the stable coin USDC, were among the tokens."

"In a follow-up tweet, Peckshield estimated the losses to be $100 million in various cryptocurrencies on the Ethereum chain, and $96 million on Binance Smart Chain."

"Peck Shield Co., Ltd. said that money was stolen using “Very easy: transfer, replacement, and cleaning” technique."

"The hacker has been systematically using decentralized exchange aggregator 1inch to swap the stolen assets for the cryptocurrency ether (ETH), and using a secondary address to deposit the ETH into privacy mixer Tornado Cash thus making the hacked funds harder to track."

"In an official Telegram channel, Bitmart representatives initially claimed that the outflows were routine withdrawals, referring to the reports of the hack as “fake news.”"

"On December 4, 2021, at approximately 6:30 pm EST, BitMart identified a security breach related to two of its hot wallets. Within moments, a security response was activated, with multiple systems shut down procedurally to prevent additional losses, including account withdrawals and the trading of certain pairs."

"Hours later, however, Bitmart CEO Sheldon Xia confirmed that the outflows were indeed a hack resulting from a “security breach.” "With this single private key, the hackers were able to steal a total of about $196 million worth of cryptocurrencies from the two wallets." "Blockchain security firm Peckshield — which spotted and tweeted out a warning of the leak about an hour and a half before BitMart CEO Sheldon Xia announced it."

"We have identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot wallets. At this moment we are still concluding the possible methods used. The hackers were able to withdraw assets of the value of approximately USD 150 millions." "[T]he company’s internal analysis says that the funds came from just two hot wallets (those that are connected to the internet). The wallets were apparently breached via the theft of a private key."

"In concert with leading firms worldwide, a comprehensive security review and investigation was enacted and remains ongoing. Findings thus far indicate that the breach affected two hot wallets: one BSC wallet and one ETH wallet. Based on initial investigation, it appears that approximately $200 million in digital assets were removed by a malicious actor who had gained access to critical private keys."

"The affected ETH hot wallet and BSC hot wallet carries a small percentage of assets on BitMart and all of our other wallets are secure and unharmed. We are now conducting a thorough security review and we will post updates as we progress."

"At this moment we are temporarily suspending withdrawals until further notice. We beg for your kind understanding and patience in this situation. Thank you very much."

"In response to this incident, BitMart has completed initial security checks and identified affected assets. This security breach was mainly caused by a stolen private key that had two of our hot wallets compromised. Other assets with BitMart are safe and unharmed."

"In addition to these new measures, our internal security teams have continued their round-the-clock efforts to investigate the cause of the breach, and to identify those responsible. We are also working with cybersecurity specialists to bolster our ongoing efforts to track the hackers and to strengthen our defenses against any future attack."

"We have been in contact with law enforcement agencies and are working in collaboration with other cryptocurrency platforms, as they share our goal of mitigating the risk of attack from nefarious activities. Though we may have been the most recent victim of a large-scale attack, we are not alone in facing these threats. We are working with our ecosystem partners to put every available resource toward thwarting future unlawful actions against cryptocurrency holders, platforms and our communities."

"BitMart will use our own funding to cover the incident and compensate affected users. We are also talking to multiple project teams to confirm the most reasonable solutions such as token swaps. No user assets will be harmed."

"We are now doing our best to retrieve security set-ups and our operation. We need time to make proper arrangements and your kind understanding during this period will be highly appreciated."

"In terms of asset deposit and withdrawals, we are confident that deposit and withdrawal functions will gradually begin in December 7, 2021. The detailed timelines will be announced very soon. Thank you."

"Our CEO @sheldonbitmart will conduct an AMA at 8PM EST Dec 6 on Telegram to share more info regarding the security breach, compensation arrangement, and how we plan to resume operation. We will strive to maintain transparency and your support to BitMart is highly appreciated."

"The deposit and withdrawal function of all tokens will be resumed step by step, along with the recovery progress of security testing and public chain development. No worries, we are marching forward, security will be always the first priority."

"As part of our security upgrade, BitMart will be replacing all deposit addresses including BTC, ETH, SOL, and all other tokens.Please verify the deposit addresses with BitMart before initiating any deposits. Tokens may not be retrievable if they are mistakenly deposited into the wrong addresses. BitMart is not responsible for faulty deposits."

"As of now, we have resumed deposit and withdrawal for the mainnets below: Avalanche, Binance Chain, Bitcoin, Casper Network, Chia, Ethereum, Harmony, HecoFi, IoTeX, Internet Computer, Kusama, NEAR Protocol, PlatOn Network, Polkadot, Polygon, Solana, Stellar, Tether, Tron, VeChain."

"Thanks to the support of Alexander Capital Ventures, Alpha Square Group, and Chaos Ventures, We will continue to improve user experience and create value for the industry. We'd also like to thank all our BitMart community members and BMX holders." "We are grateful that our community of users, partners, friends, and project teams have continued to trust and stand with us during this time."

This exchange or platform is based in Cayman Islands, or the incident targeted people primarily in Cayman Islands.

The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.

Include:

  • Known history of when and how the service was started.
  • What problems does the company or service claim to solve?
  • What marketing materials were used by the firm or business?
  • Audits performed, and excerpts that may have been included.
  • Business registration documents shown (fake or legitimate).
  • How were people recruited to participate?
  • Public warnings and announcements prior to the event.

Don't Include:

  • Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
  • Anything that wasn't reasonably knowable at the time of the event.

There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - BitMart Hot Wallet Security Breach
Date Event Description
December 4th, 2021 12:00:00 AM Main Event Expand this into a brief description of what happened and the impact. If multiple lines are necessary, add them here.

Total Amount Lost

The total amount lost has been estimated at $196,000,000 USD.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

Prevention Policies

It's unclear if BitMart needed to have such a large volume of funds in their hot wallets and exactly how the private key was breached. An obvious way to reduce the damage would be to limit the funds in the hot wallet, and there are many steps platforms can take to reduce risks. Setting aside specific funds for self-insurance or forming an industry insurance fund would provide greater certainty for platform users in similar future events.

References

  1. Crypto Exchange BitMart Hacked With Losses Estimated at $196M (Dec 5, 2021)
  2. Address 0x68b22215ff74e3606bd5e6c1de8c2d68180c85f7 | Etherscan (Dec 22, 2021)
  3. Address 0x39fb0dcd13945b835d47410ae0de7181d3edf270 | Etherscan (Dec 22, 2021)
  4. @peckshield Twitter (Dec 22, 2021)
  5. @MilianIstatkov Twitter (Dec 22, 2021)
  6. @sheldonbitmart Twitter (Dec 22, 2021)
  7. @sheldonbitmart Twitter (Dec 22, 2021)
  8. @sheldonbitmart Twitter (Dec 22, 2021)
  9. @sheldonbitmart Twitter (Dec 22, 2021)
  10. @sheldonbitmart Twitter (Dec 22, 2021)
  11. @sheldonbitmart Twitter (Dec 22, 2021)
  12. @sheldonbitmart Twitter (Dec 22, 2021)
  13. [Important Notice] BitMart Security Upgrade - New Deposit Addresses – BitMart (Dec 22, 2021)
  14. @BitMartExchange Twitter (Dec 22, 2021)
  15. BitMart hack: users will be reimbursed- The Cryptonomist (Dec 23, 2021)
  16. BitMart to compensate victims of $150m hack | AIBC News (Dec 23, 2021)
  17. BitMart suspends withdrawals after hackers drained almost $200 million in cryptocurrencies using a stolen private key (Dec 23, 2021)
  18. @TheDavey92 Twitter (Dec 23, 2021)
  19. @TheDavey92 Twitter (Dec 23, 2021)
  20. https://bitmart-exchange.medium.com/bitmart-collaborates-with-hacken-on-blockchain-and-cryptocurrency-security-bbf14d97be52 (Dec 23, 2021)
  21. @peckshield Twitter (Dec 23, 2021)
  22. BitMart - Cryptocurrency Exchange | Buy & sell Bitcoin, Ethereum, Tether instantly (Aug 22, 2021)
  23. BitMart - Cryptocurrency Exchange | Buy & sell Bitcoin, Ethereum, Tether instantly (Aug 22, 2021)
  24. https://bitmart-exchange.medium.com/bitmart-response-to-security-breach-71ccc2200285 (Dec 23, 2021)
  25. https://bitmart-exchange.medium.com/bitmart-takes-action-to-increase-security-and-bolster-defenses-22489023c989 (Dec 23, 2021)
  26. https://bitmart-exchange.medium.com/bitmart-completes-system-maintenance-and-restores-trading-for-additional-tokens-b0d4babf739f (Dec 23, 2021)
  27. https://bitmart-exchange.medium.com/bitmart-securely-resumed-deposit-withdrawal-on-multiple-major-mainnets-e2b938611b77 (Dec 23, 2021)
  28. BitMart Security Breach Update – BitMart (Dec 23, 2021)
  29. https://www.pymnts.com/cryptocurrency/2021/196-million-dollar-bitmart-hack-puts-crypto-weakness-display/ (Dec 23, 2021)
  30. https://www.cnbc.com/2021/12/05/hackers-take-196-million-from-crypto-exchange-bitmart-in-large-breach.html (Dec 23, 2021)
  31. @peckshield Twitter (Dec 23, 2021)
  32. https://www.cpomagazine.com/cyber-security/victims-of-bitmart-crypto-theft-to-be-partially-compensated-crypto-exchange-lost-196-million-in-breach-will-return-150-million-to-users/ (Dec 23, 2021)
  33. https://mobile.twitter.com/certikorg/status/1467358524254695424 (Jan 7, 2022)
  34. Rekt - BitMart - REKT (May 31, 2022)
  35. Badger DAO Appears to Have Lost Over USD 120M in an Attack (Dec 1, 2022)
  36. Bitmart Says It Lost USD 150M In a Hack, Suspends Withdrawals (Dec 1, 2022)
  37. Santa Hackathon? Visor Finance Marks 7th Hack in December (Dec 1, 2022)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=BitMart_Hot_Wallet_Security_Breach&oldid=2809"