Oh, the irony! BigONE, the once-mighty crypto exchange, has fallen victim to a supply chain attack that has left it reeling with over $27 million in losses. The attacker, a cunning fox no doubt, was able to withdraw funds from a network exploit, leaving the exchange’s hot wallet in tatters.
On July 16, the crypto exchange suffered a third-party attack that targeted the company’s hot wallet. The team, now sporting a fresh batch of grey hairs, is currently working with on-chain security firm SlowMist to investigate the exploit. According to the report, the exchange’s production network was compromised in the attack that resulted in a $27 million loss.
SlowMist, the unsung heroes of this tale, have managed to track down the hacker’s addresses, which are linked to Ethereum (ETH), BSC (BNB), Solana (SOL), Bitcoin (BTC) and Tron (TRX). The security firm is currently following up on the stolen funds and updating the company on the movements of funds.
🚨SlowMist TI Alert🚨
The exchange @BigONEexchange was exploited due to a supply chain attack and loss exceeds $27 million. The production network was compromised, and the operating logic of account and risk control related servers was modified, enabling the attacker to withdraw…
So far, the company has activated internal security reserves to protect user funds from further exploits and to maintain on-chain liquidity. The team claims that all private keys remain secure and the loop hole from the attack has been identified and contained.
“For other affected mainstream and non-mainstream tokens, we are actively securing external liquidity through borrowing mechanisms to restore the platform wallet as soon as possible,” wrote BigONE in its statement.
How was BigONE attacked?
Based on the firm’s report, the attacker was able to gain access to BigONE’s production network. This includes the live servers responsible for account management and risk controls. The attacker then modified the “operating logic” of these servers that can control which withdrawals were valid and which ones were not.
As as result, the attacker did not need to infiltrate the system to steal private keys. All they had to do was manipulate the logic servers in order to approve and process withdrawals, letting malicious actors fly under the radar and steal funds by withdrawing them from the exchange.
Upon detecting the exploit, BigONE disabled their deposit and withdrawal feature to prevent any more funds from escaping. However, the team promised to resume their services within a few hours after more security reinforcements are added.
“We are actively securing external liquidity through borrowing mechanisms to restore the platform wallet as soon as possible,” said BigONE.
Read More
- Gold Rate Forecast
- Meghan Trainor Turns Heads With Must-See Red Carpet Look
- Free League Publishing Releases Open Game License for Coriolis: The Great Dark
- Batman is Back in His Superhero Bag and It’s About Time (Review)
- Marvel Rivals ‘Season 4’ adds Daredevil and a new Vanguard, alongside features I’ve been craving for months — but one announcement has me concerned
- One:12 Collective The Dark Knight Batman Figure Has Some Great Head Sculpts
- When Hackers Met Their Match: Venus Protocol’s $13.5M Heist Gone Wrong 😅
- EUR THB PREDICTION
- Surviving Mars: Relaunched announced for PS5, Xbox Series, and PC
- SWORN launches September 25
2025-07-16 10:21