IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

BitMart suspends withdrawals following hack

Hackers managed to get away with at least $150 million (£113 million) in cryptocurrencies

Cryptocurrency trading platform BitMart has temporarily suspended all withdrawals following a security breach that saw hackers steal at least $150 million (£113 million) from users’ wallets.

Blockchain security and data analytics provider Peckshield was the first to report the incident after it spotted an outflow of cryptocurrencies through blockchain transaction tracker Etherscan.

BitMart, which describes itself as “the most trusted crypto trading platform”, confirmed a “large-scale security breach” in the early hours of Sunday morning, with founder and CEO Sheldon Xia estimating the stolen assets at $150 million.

However, according to Peckshield’s calculations, the loss could have been closer to $200 million, of which $100 million was formed from various cryptocurrencies on the Ethereum blockchain, with a further $96 million from coins on the Binance smart chain.

The company didn’t specify how many customers were affected by the theft and wasn’t immediately available for comment.

On Monday, Xia announced that BitMart had “completed initial security checks and identified affected assets”, adding that the breach had been “caused by a stolen private key that had two of our hot wallets compromised”.

BitMart is scheduled to resume withdrawal functions on Tuesday and will use its “own funding to cover the incident and compensate affected users”.

However, Ilia Kolochenko, founder of ImmuniWeb and a member of the Europol Data Protection Experts Network, said that it’s unlikely that the victims of the breach will get back the entirety of the stolen funds.

Related Resource

The best defence against ransomware

How ransomware is evolving and how to defend against it

Blue padlock Free download

“Cyber insurance will unlikely cover such losses. The victimised customers of Bitmart may try to recover their losses in court, but their chances to prevail are pretty low, while the eventual chance to get all their money back borders on zero,” he told IT Pro.

Kolochenko described such investigations as “costly and complex”, blaming the issue on the “turbulent and competitive” cryptocurrency market, “where few players can afford adequate investment into their cybersecurity programmes” and data protection isn’t the first priority.

He called on regulators to “start treating crypto businesses as financial institutions by imposing much stricter data protection rules”.

“Otherwise we will see many more hacks like this one,” he added.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update
Whitepaper

The Total Economic Impact™ of Apple Mac in Enterprise: M1 update

12 May 2022
Dell Technologies World 2022: Dell unveils fastest storage architecture in company history
Server & storage

Dell Technologies World 2022: Dell unveils fastest storage architecture in company history

4 May 2022
Dell Technologies World 2022: Dell unveils security offerings for major cloud providers
public cloud

Dell Technologies World 2022: Dell unveils security offerings for major cloud providers

3 May 2022
How do you become an ethical hacker?
ethical hacking

How do you become an ethical hacker?

29 Apr 2022

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022