Singapore-based cryptocurrency exchange BingX recently revealed a significant security breach on its platform, resulting in losses from the company’s hot wallet. Despite the alarming event, BingX reassured users that they will be fully refunded for any affected funds, ensuring no customer bears the financial burden of the attack.
The breach occurred in the early hours of September 20, 2024, triggering BingX’s emergency protocols. The platform has temporarily suspended withdrawals as it investigates the incident and works to bolster its security systems.
Swift Response Contained The Damage
At approximately 4:00 AM Singapore time, BingX’s engineering team detected suspicious network activity, raising concerns of a potential security threat. The exchange’s swift response was crucial in minimizing the overall impact of the attack. BingX product manager Vivien Lin confirmed that the exchange activated its emergency protocols immediately, transferring assets to secure locations and freezing withdrawals to prevent further damage. Lin commented:
“We immediately started our emergency plan, including the urgent transfer of assets and the suspension of withdrawals.”
Thanks to these efforts, the majority of users’ assets, stored in cold wallets, were untouched. Cold wallets, unlike hot wallets, are not connected to the internet and are therefore far less vulnerable to cyberattacks.
Although BingX temporarily halted withdrawals, this move was purely precautionary. The exchange is now conducting a comprehensive security review, enhancing its wallet services to ensure the future safety of its users’ assets. Withdrawals are expected to resume within 24 hours once the improvements are completed.
PeckShield and De.Fi Reveal Scope of the Hack
Blockchain security firm PeckShield was the first to break the news of the breach, identifying suspicious withdrawals amounting to over $13 million from one of BingX’s hot wallets. Shortly after, Web3 security firm De.Fi estimated the total losses at nearly $20 million. According to EtherScan data, millions of dollars worth of tokens were siphoned from a hot wallet labeled “BingX 15” and transferred to another address.
Investigators believe the stolen funds are already being laundered through decentralized exchanges. Some of the assets were reportedly moved via Kyberswap, a decentralized exchange often used for quick asset transfers to obscure their origins.
Also Read: LandRocker’s LRT Token to be Listed on BingX, Introducing its Dynamic Roadmap
BingX Prioritizes User Protection
Despite the severity of the breach, BingX has remained transparent with its users and the wider crypto community. The exchange’s commitment to refunding all affected users is a significant step toward rebuilding trust after the attack. As BingX continues to strengthen its platform, it aims to provide enhanced security measures to prevent similar incidents in the future.
This breach underscores the ongoing vulnerability of cryptocurrency exchanges, especially those relying on hot wallets. While BingX’s quick action helped limit the extent of the hack, the incident serves as a reminder for exchanges to prioritize robust security protocols.
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of Chain Affairs. Before making any investment decisions, you should always conduct your own research. Chain Affairs is not responsible for any financial losses.