BitMart, a cryptocurrency exchange, has said it will compensate victims of a massive security breach in which hackers stole cryptocurrencies worth around $150 million.
BitMart offers spot trading, futures trading, lending, and staking, and is normally ranked among the top centralized exchanges by volume, according to CoinGecko data.
According to BitMart, hackers withdrew about $150 million in assets. However, blockchain security and data analytics firm Peckshield, which first reported the hack, estimates the loss at around $200 million. BitMart refused to say anything on the multimillion-dollar discrepancy when CNBC contacted them.
BitMart described the incident as “a large-scale security breach” and wrote that hackers took $150 million in assets. However, blockchain security and data analytics firm Peckshield estimates that the loss is $190 million.
In an official statement, BitMart said it had completed initial security checks and identified the affected assets. Its security breach was mainly the result of a stolen private key, which affected two of its hot wallets, but other assets remained unharmed.
Private Key:
In cryptography, a private key is an extremely large number, similar to a password. Private keys are used to create digital signatures that can be easily verified without revealing the private key. Additionally, private keys are used in cryptocurrency transactions to prove ownership of a blockchain address.
A “small percentage” of the exchange’s assets were located in the affected Ethereum and Binance smart chain “hot wallets.” Cryptocurrency can be stored “hot,” “cold,” or some combination of both. Unlike a cold wallet, a hot wallet allows its owner relatively easy access to the coins and can be used to access and spend the crypto. The trade-off for convenience is potential exposure to bad actors.
Peckshield, India’s leading blockchain company was the first to notice the breach on Saturday, noting that one of BitMart’s addresses showed steady outflows of tens of millions of dollars to a bitcoin address that Etherscan called “BitMart Hacker”. During the attack, BitMart lost about $100 million in Ethereum and another $96 million in Binance smart coins. The hackers obtained more than 20 tokens, including Binance coin, Safemoon, and Shiba Inu.
In response to the incident, BitMart said they will cover the incident and compensate the affected users. They are also talking to multiple project teams to determine the best solution, such as token swaps. Deposit and withdrawal functions will be gradually introduced on December 7, 2021, according to the company.
