Bitrue cryptocurrency exchange has experienced a hot wallet exploit, resulting in attackers being able to withdraw various crypto assets that are worth approximately $23 million.
Bitrue announced the news on April 14, stating that it had to temporarily suspend all withdrawals due to a “brief exploit” of its hot wallet. After conducting further security checks, the firm expects to reopen withdrawals on April 18, 2023.
3/4: To conduct additional security checks, Bitrue will temporarily suspend all withdrawals and will reopen withdrawals on 18 April 2023. We seek your understanding and patience at this time. All identified users who are affected by this incident will be compensated in full.
— Bitrue (@BitrueOfficial)
April 14, 2023
Bitrue emphasized that it was able to address the issue swiftly, avoiding further loss of funds. “We take this matter seriously and are currently investigating the situation,” Bitrue said, adding that the exploited hot wallet accounted for less than 5% of the exchange’s overall funds. “The rest of our wallets continue to remain secure and have not been compromised. We are conducting a thorough security review and will update you as we make progress.”
Bitrue executives have guaranteed full compensation for all identified users impacted by the occurrence. The affected currencies on the exploited hot wallet were Ether (ETH), Shiba Inu (SHIB), Quant (QNT), Gala (GALA), Holo (HOT), and Polygon (MATIC), according to the announcement.
As previously reported, hackers have been moving away from traditional centralized exchanges and opting for decentralized finance (DeFi) breaches. In the first three months of 2022, only 3% of all stolen cryptocurrency was taken from crypto exchange hacks, while 97% was obtained through DeFi protocols, according to data from Chainalysis.
Founded in Singapore in 2018, Bitrue is a large centralized cryptocurrency exchange, with an average daily trading volume of nearly $2 billion, according to CoinGecko data. The company previously experienced a hot wallet hack in 2019, resulting in $5 million in Cardano (ADA) being stolen.