Bitrabo Editorial
Singapore-based bitcoin exchange BingX experienced a major security incident, resulting in the loss of nearly $43 million from its hot wallets due to hacking. This incident, which is one of the most significant crypto breaches of this year, raises serious concerns regarding the security measures implemented by centralized exchanges. Source
Details of the BingX Breach
Security firms Peck Shield and De.Fi detected unusual fund transfers from BingX’s hot wallet. Around 4 AM Singapore time, the exchange’s technical team noticed irregular access patterns, hinting at a potential breach.
Hi @BingXOfficial, you might need to investigate as we see major fund outflows (> $13.6m) to this address:
— PeckShield Inc. (@peckshield) September 20, 2024
BingX acted promptly, activating its emergency protocols by suspending withdrawals for up to 24 hours and transferring assets to cold storage. Vivien Lin, the Chief Product Officer, assured that the majority of funds remain secure in cold wallets and noted that the losses were relatively small.
Detected unusual network access early on September 20, prompting us to activate our emergency plan to protect assets and pause withdrawals. While there were minor asset losses, most funds are safe,…
— Vivien Lin @ BingX (@Vivien_BingX) September 20, 2024
Despite this, there are discrepancies in the estimated theft amounts. Further investigations revealed that hackers stole over $43 million in various cryptocurrencies, including Ethereum (ETH), Binance Coin (BNB), and Tether (USDT), contrasting with earlier estimates of approximately $26 million in losses.
User Support and Feedback
In the wake of the hack, BingX has pledged full compensation to the affected users using its funds. The exchange is focused on ensuring user security and maintaining transparency, and they are developing a compensation strategy. Lin indicated that withdrawal services will be reinstated soon after necessary security assessments are carried out.
However, initial misleading communication from the exchange claimed the issue was merely “wallet maintenance,” which perplexed and angered users who felt deceived about the seriousness of the situation. This led to criticisms regarding the need for improved transparency from centralized exchanges like BingX to prevent such issues in the future.
Rising Incidents of Exchange Hacking
The BingX incident is part of a worrying trend where hackers increasingly target centralized exchanges. Recently, the Indonesian exchange Indodax lost $22 million in a similar incident. Furthermore, the largest exchange in India, WazirX, faced a significant breach last year, resulting in a loss exceeding $230 million, many believed to be linked to the Lazarus Group from North Korea, known for its sophisticated hacking techniques.
Image from Pexels, chart by TradingView