On Saturday night (4), BitMart, one of the main cryptocurrency trading platforms in the world, confirmed that it had been invaded by a group of hackers, who stole around US$ 150 million (R$ 853 million). According to the company, it was “a large-scale security breach” that affected “hot” (online) Ethereum and Binance Smart Chain (BSC) wallets.
But the situation could have been worse: according to broadcaster CNBC, blockchain security and data analysis company Peckshield estimated that the losses could have reached US$ 196 million, equivalent to more than R$ 1.1 billion. At this time, all platform removals are temporarily suspended until the security review is complete.
Peckshield was the first to detect the breach, noting that one of BitMart’s addresses was “leaking” tens of millions of dollars to a destination identified by the Etherscan tracking tool as BitMart Hacker. According to cybersecurity experts, the loss was $100 million in cryptocurrencies in the Ethereum blockchain, and the rest in coins in the Binance smart chain, with more than 20 types of tokens.
Total estimated loss: ~200M (~100M on @ethereum and ~96M on @BinanceChain ). (Previously we only counted the loss on @ethereum). And here is the list of affected assets/amounts on @BinanceChain pic.twitter.com/cXXApDFtd7
— PeckShield Inc. (@peckshield) December 5, 2021
What happens to stolen cryptocurrencies?
While it’s still unclear what methods hackers used to break into BitMart, the fate of the assets is pretty clear, according to Peckshield: it was a classic case of “transfer, swap, and launder.” In that modus operandi, criminals use a decentralized exchange aggregator, called 1inch, to replace the theft proceeds with Ether. Finally, the coins are deposited in a “privacy mixer”, the Tornado Crush.
CNBC tried to clarify some common doubts of users with BitMart, to clarify if customer funds had been stolen in the invasion and, especially, if so, all would be refunded. However, inquiries sent to a commercial email from the platform’s founder, Sheldon Xia, were returned.
This Monday, at 10 pm, Brasília time, the company’s CEO will clarify doubts and provide clarification on the case through the Telegram. In addition to commenting on the case, the executive will reveal a plan to restore the broker’s operations.