A $200 million Bitmart hack has been uncovered by Peckshield, a blockchain security, and data analytics provider, which identified an Ethereum blockchain transfer of around $100 million.
The team also discovered that the crypto exchange’s BSC reserves had been hacked concurrently for $96 million. Total estimated loss: $200 million ($100 million on @ethereum and $96 million on @BinanceChain). (Previously, only @ethereum was counted).
There were over 20 tokens taken by the hacker, including Binance Coin (BNB), Safemoon, BSC-USD, and BPay. In addition to BabyDoge, Floki, and Moonshot, as large amounts of meme coins were compromised.
Peckshield said the hack was a simple case of swap, transfer, and wash. Bitmart CEO, Sheldon Xia later confirmed on Twitter that the hack concerned ETH and BSC hot wallets.
She said, “Our team is still determining the best method to use at this moment. Around $150 million in assets were withdrawn by the hackers.”
“Until further notice, we are temporarily suspending withdrawals. If you could be patient with us during this time, we would greatly appreciate it. Please accept our sincere thanks.”
An exploit of decentralized finance (DeFi) protocol BadgerDAO has cost cryptocurrency lending platform Celsius $50 million, which seems to be an ongoing threat to the crypto ecosystem.
BadgerDAO announced Wednesday that it received multiple exports of unauthorized withdrawals of user funds following a security breach reported on Dec. 2. Badger team took preventative measures similar to Bitmart and paused all smart contracts on the protocol to avoid further losses.
How to safeguard your crypto from theft
- The likelihood of theft can be reduced in various ways. You can prevent theft of your cryptocurrency and coins by storing them on offline hardware.
- Hardware wallets and paper wallets must be locked in a safe when not in use. Put your private keys in a place like a bank safe deposit box or a remote safe location, far away from where your wallet is kept.
- Exchanges should only hold crypto that is needed for trading and exchange.
- Whenever you access your exchanges, wallets, or other online crypto service providers through your web browser, be sure to use a secure and trusted bookmark. The 5-dollar wrench attack can result in losses if you do not utilize multiple passphrases on your hardware wallet.
- Multifactor authentication can be improved by using an offline token generator like Google Authenticator. Multiple signatures can be applied to wallet funds.
- You should limit your exposure to the public in regard to crypto holdings and avoid discussing them in public.
- Make sure your wallet address is double-checked after pasting it, and provide an image of the wallet address when emailed, chatted, or otherwise sent via digital means.