Bitrue cryptocurrency exchange has suffered a hot wallet exploit, allowing attackers to withdraw various crypto assets worth nearly $23 million.
Announcing the news on April 14, Bitrue said that it had to temporarily suspend all withdrawals due to a “brief exploit” of its hot wallet. The firm expects to reopen withdrawals on April 18, 2023, after conducting additional security checks.
Bitrue stressed that it was able to address the matter quickly, which allowed the platform to prevent the further draining of funds. “We take this matter seriously and are currently investigating the situation,” Bitrue stated, adding that the affected hot wallet only accounted for less than 5% of the exchange’s overall funds. The firm wrote:
“The rest of our wallets continue to remain secure and have not been compromised. We are conducting a thorough security review and will update you as we make progress.”
Bitrue executives promised to fully compensate all the identified users affected by the incident. According to the announcement, the affected currencies on the exploited hot wallet included Ether (ETH), Shiba Inu (SHIB), Quant (QNT), Gala (GALA), Holo (HOT) and Polygon (MATIC).
As previously reported, hackers have been increasingly opting for decentralized finance (DeFi) hacks over the past few years, slightly moving away from traditional centralized exchanges. In the first three months of 2022, crypto exchange hacks accounted for just 3% of all crypto stolen, while 97% was taken from DeFi protocols, according to data from Chainalysis.
Founded in Singapore in 2018, Bitrue is a major centralized cryptocurrency exchange, trading nearly $2 billion in crypto per day on average, according to data from CoinGecko. The company has been hacked in the past, losing nearly $5 million in Cardano (ADA) due to a hot wallet hack in 2019.