Crypto exchange BigONE disclosed a significant $27 million loss caused by a third-party attack on its hot wallet infrastructure, raising alarm across the digital asset community.
The breach was detected on July 16 after an internal alert flagged abnormal asset movements. BigONE confirmed it stemmed from a sophisticated multi-chain attack targeting critical wallets.
How hackers breached BigONE’s multi-chain hot wallets
The attacker exploited BigONE’s production network, likely by compromising continuous integration and deployment pipelines and server channels. They deployed malicious binaries to transaction servers, circumventing key security controls.
Initial losses included 350 ETH worth approximately $1.1 million, rapidly followed by withdrawals of Bitcoin, Solana, Tron, and multiple other tokens consolidated into mixing services.
Did you know?
Over $2.47 billion was lost to crypto hacks and scams in the first half of 2025, marking a near 3% increase from the previous year.
BigONE’s response and fund recovery efforts
BigONE asserted that all private keys remain secure. The company immediately contained the breach path and teamed up with blockchain security firm SlowMist to track stolen funds.
Besides internal security reserves covering BTC, ETH, USDt, Solana, and other tokens, BigONE is securing external liquidity through borrowing to replenish affected user wallets swiftly.
Pledge to cover all user losses
To preserve user trust, BigONE committed to covering all losses resulting from the hack. This assurance aims to maintain platform confidence amid the growing wave of crypto exchange breaches globally.
ALSO READ | Will BlackRock’s Explosive 370% Jump in Crypto Inflows Force Rivals Into the Market?
Experts highlight deep infrastructure vulnerabilities
Blockchain security auditors noted multiple security flaws enabling the breach, including a single point of failure in hot wallet management, weak code controls, and insufficient network segmentation.
Such vulnerabilities underscore urgent calls to strengthen CI/CD pipelines and implement continuous on-chain and off-chain monitoring.
Security researcher Yehor Rudytsia emphasized the necessity of automated incident response systems to quickly halt exploitation and secure funds.
Industry impact amid rising crypto crime supercycle
BigONE’s incident is the latest in a troubling trend, with over $2.47 billion lost to crypto-related hacks and scams in the first half of 2025, a nearly 3% increase from the prior year.
The hack coincides with a rising frequency of multi-chain attacks, pushing exchanges to bolster defenses and build trust with increasingly cautious investors.
As the crypto sector expands, incidents like BigONE’s breach serve as a poignant illustration of persistent cybersecurity challenges in digital finance.
Comments (0)
Please sign in to leave a comment
No comments yet. Be the first to share your thoughts!