Bitmart pledges to reimburse hack victims as crypto community voices support


As regulatory uncertainty continues to plague the global digital asset ecosystem, many crypto opponents continue to insist that the industry as a whole has a long way to go when it comes to protecting itself before it is anywhere near comparable to the traditional financial system. Now, with the recent Bitmart hack coming to light, these individuals have been given even more firepower.

In short, on December 5, cryptocurrency exchange Bitmart was on the receiving end of a major hack that caused the platform to lose nearly $200 million through a compromise of hot wallets hosted on the Ethereum and Binance Smart Chain blockchains. The breach was first exposed by blockchain security firm PeckShield, whose cybersecurity team revealed that nefarious third parties were able to initially transfer approximately $100 million through the Ethereum blockchain, followed by another simultaneous $96 million hack using the BSC reserves of the cryptocurrency exchange.

Hackers were able to accumulate more than 20 tokens, including various altcoins such as Binance Coin (BNB), SafeMoon (SAFEMOON), BSC-USD and BNBBPay (BPay). They were also able to steal decent amounts of meme tokens, including Baby Doge Coin (BabyDoge), Floki Inu (FLOKI), and Moonshot (MOONSHOT). According to the PeckShield security team, the whole scheme can be attributed to a simple "transfer, change and wash" maneuver.

Bitmart responds

To better understand how the entire incident came about, Cointelegraph reached out to Bitmart. A spokesperson for the trading platform noted that as soon as the breach was discovered, the company took action by shutting down multiple systems to "limit any kind of immediate damage." Actions included stopping token withdrawals and preventing users from trading certain pairs. The representative added:

“We plan to continue to gradually restore services, but only by following the exhaustive testing process of our security team. Safety remains our number one priority. In fact, as of Tuesday, December 7, 2021, EST, we have resumed depositing and withdrawing ETH and ERC20 tokens.”

Additionally, a written response from the exchange highlighted that, to bolster its native security infrastructure, Bitmart had replaced all of its token deposit addresses for currencies such as Bitcoin (BTC), Ether (ETH) and Solana (SOL), as well as all the other tokens involved in the incident. "We have also notified our users of the relevant changes," the statement concluded.

Finally, on December 6, Sheldon Xia, founder and CEO of BitMart, announced via Twitter that the exchange was going to use its own funding to compensate for the losses derived from the incident: “We are also talking with various project teams to confirm the most reasonable solutions, such as token exchanges. Users' assets will not be damaged.”

The crypto community shows solidarity

Following the nearly $200 million hack, members of the global Shiba Inu (SHIB) community and cryptocurrency exchange Huobi Global stepped up to offer Bitmart whatever assistance the exchange needs, not only to strengthen its existing security setup but also to keep an accurate record of its misplaced asset entries.

Speaking to Cointelegraph, Huobi's chief global strategy officer Jeff Mei noted that in cases like the one seen in relation to Bitmart, it is imperative that transparency and immediate action are top priority, adding:

"Exchanges must alert their users, other exchanges and law enforcement authorities as soon as possible and be transparent about what they are doing to handle the attack and loss of user funds."

Furthermore, Mei emphasized that users should avoid bundling all their assets on a single platform or in a single wallet, and that in cases where they feel something suspicious might be going on, they should not hesitate to contact the relevant exchange and tell it about the possible security incident.

Like Huobi, the Shiba Inu community also confirmed its intention to help Bitmart, adding that it had already stepped up its efforts to review potential security threats to ShibaSwap, a community-built decentralized exchange (DEX).

More education is needed

Raimundo Castilla, CEO of digital asset custody platform Prosegur Crypto, told Cointelegraph that Bitmart's recent security breach was something that could have been easily prevented if only the platform's users had received sufficient education to keep their digital assets off the exchange rather than on the exchange itself:

“Hot wallets should be reserved only for the funds you want to trade with. This amount of money should have been kept in cold storage with a 100% offline transaction and air gap system.”

However, Castilla added that for platforms like Bitmart to avoid future incidents, they must employ a combination of innovative technologies alongside rigid governance protocols. Their private keys shouldn't have been held online to begin with, as anything stored online is susceptible to attack, regardless of how well it is protected. "They should have worked with whitelists, so even if someone has access to any private key, they could only send funds to a previously confirmed wallet address," he clarified.

Additionally, Bitmart could have employed an advanced multi-party computation (MPC) co-signing system that used a multi-signature approval module. The hackers would then have needed multiple people to approve the transactions in question.

Castilla added: "Hacking just a private key can't do anything at all." Also, someone playing the role of key account manager could have stepped in and "stopped the transaction to get to the customer and see if it was legitimate."
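
The controls Castilla describes (a destination whitelist, several approvers, and a hold for manual review) can be sketched as a policy gate placed in front of a hot-wallet signer. This is an added example, not Bitmart's or Prosegur Crypto's code: the addresses, approver names, keys and limits are constructed, and per-approver HMAC tags stand in for real multi-signature or MPC co-signing.

```python
import hashlib
import hmac

# Constructed sample policy: every address, name, key and limit here is hypothetical.
ALLOWLIST = {"0xCOLD-VAULT-EXAMPLE", "0xPARTNER-DESK-EXAMPLE"}
APPROVER_KEYS = {
    "ops": b"ops-demo-key",
    "risk": b"risk-demo-key",
    "treasury": b"treasury-demo-key",
}
QUORUM = 2                  # distinct valid approvers required
REVIEW_LIMIT_USD = 100_000  # at or above this, hold for account-manager review


def canonical(dest, amount_usd, nonce):
    """Bind an approval to one exact request so it cannot be reused
    for a different destination or amount."""
    return f"{dest}|{amount_usd}|{nonce}".encode()


def approve(approver, dest, amount_usd, nonce):
    """Approver side: tag the request with that approver's own key."""
    key = APPROVER_KEYS[approver]
    return hmac.new(key, canonical(dest, amount_usd, nonce), hashlib.sha256).hexdigest()


def evaluate(dest, amount_usd, nonce, approvals):
    """Signer-side gate; approvals maps approver name -> tag. Fails closed."""
    if dest not in ALLOWLIST:
        return "REJECT: destination not on allowlist"
    msg = canonical(dest, amount_usd, nonce)
    valid = set()
    for approver, tag in approvals.items():
        key = APPROVER_KEYS.get(approver)
        if key is None:
            continue  # unknown approver names never count toward the quorum
        expected = hmac.new(key, msg, hashlib.sha256).hexdigest()
        if hmac.compare_digest(expected, tag):
            valid.add(approver)
    if len(valid) < QUORUM:
        return f"REJECT: {len(valid)} of {QUORUM} required approvals"
    if amount_usd >= REVIEW_LIMIT_USD:
        return "HOLD: manual review before signing"
    return "SIGN"
```

With this gate, a single compromised approver key produces at most one valid approval, and even a full quorum cannot move funds to an address that was not confirmed in advance.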

Better security measures are the need of the moment

With the crypto ecosystem seemingly under a continuous spate of nefarious hacking incidents, it is worth noting that digital asset lending platform Celsius also recently confirmed that it had faced a loss of $50 million via an exploit related to the decentralized finance (DeFi) protocol BadgerDAO.

Attack reports first emerged on December 9, with the core protocol development team announcing that they received “multiple unauthorized recall exports” related to their clients. Afterward, they stopped all of their existing smart contracts to mitigate further potential losses.

That said, it hasn't all been bad news recently, as the Synapse Bridge cross-chain protocol revealed that on November 9, its security team was able to avert a multimillion-dollar exploit in the Avalanche Neutral Dollar (nUSD) metapool, preventing crooks from making off with nearly $8 million in digital currencies.