On Thursday, a hacker “exploited a vulnerability in (the Bitrue exchange’s) Risk Control team’s 2nd review process to access the personal funds of about 90 Bitrue users,” according to a tweet thread from Singaporean crypto exchange Bitrue.
This initial attack was quickly repeated on the exchange’s own hot wallets, from which 9.3 million “Ripple” tokens (worth $3.8 million) and 2.5 million Cardano tokens (worth $225 000) were removed by hackers before being moved onto a number of other exchanges.
Bitrue says it was able to notify several of the exchanges before the hacker could cash out:
“The attack was soon detected, and activity was temporarily suspended on Bitrue. We alerted the receiving exchanges about the situation, and wish to extend our thanks to
@HuobiGlobal, @BittrexExchange and @ChangeNOW_io for their help in freezing the affected funds and accounts.”
Bitrue also promises that all, “personal funds are insured, and anybody affected by this breach will have their funds replaced by us as soon as possible.”
The company said that Singaporean authorities have also been contacted and that interested parties can track the stolen funds.
Anyone with information on this particular hack is also asked to contact the platform.
Other crypto trading platforms hacked this year include Cryptopia (21 ooo ETH currently worth $6.5 million USD), Coinmama (user information taken), and Binance (7000 BTC currently worth $86 5000 000).
According to the blogger Neuron, hackers have now stolen more than $15 billion from cryptocurrency exchanges (though that number may be higher right now given recent price increases).
Israeli police recently arrested two brothers, Eli and Assaf Gigi, whom they believe stole 120 000 Bitcoins from the Bitfinex trading platform in 2016.
Bitcoins are currently trading for more than $12 000 USD.
Police were reportedly led to the brothers when Bitcoins dormant since the hack in 2016 began moving across the Internet earlier this month.