BigONE Exchange Suffers $27M Hack Through Supply Chain Exploit

BigONE Exchange suffered a $27M hack due to a supply chain exploit that compromised its hot wallet infrastructure. The attacker bypassed verification processes and withdrew assets from multiple blockchains. BigONE assured users that all losses will be covered, trading and deposits will resume, and withdrawals will be paused until a security overhaul is completed. Experts warn that supply chain attacks are becoming more common in centralized finance, targeting internal systems and third-party service integrations.

BigONE Exchange, a prominent cryptocurrency trading platform, has confirmed a significant security breach resulting in the theft of approximately $27 million in digital assets. The incident, which occurred on July 16, was attributed to a sophisticated supply chain attack. This type of attack involves compromising a third-party service or software that the exchange relies on, thereby gaining unauthorized access to its systems [1].

The breach targeted BigONE’s hot wallet infrastructure. The attacker gained access by modifying production environment settings tied to the account and risk control logic. BigONE stated that private keys were not exposed during the incident. The team discovered abnormal fund flows, traced the breach, and stopped further losses. The stolen assets include 120 BTC, 1,272 ETH, 8.5 million USDT across TRC20, ERC20, BSC, and Solana, plus 23.3 million TRX. Other affected tokens include 20,730 XIN, 4.3 million SNT, 15.7 million CELR, 16,071 LEO, 25,487 UNI, 9.7 billion SHIB, 1,800 SOL, and 538,000 DOGE. BigONE noted that these figures remain under review [1].

Despite the size of the exploit, the exchange assured users that losses would not affect them directly. To maintain account balances, BigONE has activated internal reserves in BTC, ETH, USDT, SOL, and XIN. For the remaining assets, the exchange is sourcing external liquidity and using borrowing mechanisms. The attacker quickly swapped the assets into multiple chains. Confirmed hacker wallets include Ethereum/BSC: 0x9Bf7a4dDcA405929dba1FBB136F764F5892A8a7a, Bitcoin: bc1qwxm53zya6cuflxhcxy84t4c4wrmgrwqzd07jxm, Solana: HSr1FNv266zCnVtUdZhfYrhgWx1a4LNEpMPDymQzPg4R, and Tron: TKKGH8bwmEEvyp3QkzDCbK61EwCHXdo17c. CertiK, which also monitored the breach, reported token transfers just before the exploit was confirmed. SlowMist is now collaborating with BigONE to monitor wallet movements and prevent further distribution of the stolen assets [1].

Meanwhile, blockchain investigator criticized the exchange, claiming BigONE previously processed volume from pig butchering, romance, and scam-related schemes. He stated he had “no sympathy” for the platform’s operators due to its prior ties. BigONE has suspended withdrawals as new security protocols are being applied. Deposits and trading are expected to resume shortly. The exchange has pledged transparent updates as investigations continue [1].

The supply chain attack on BigONE highlights the vulnerabilities that can exist within the cryptocurrency ecosystem. As exchanges increasingly rely on third-party services for various operations, the risk of such attacks becomes more pronounced. This incident serves as a reminder for exchanges and users alike to remain vigilant and implement robust security measures to mitigate potential threats [1].

The theft of $27 million in digital assets is a substantial loss, but it is important to note that the exchange's response has been proactive. By quickly identifying the hacker addresses, BigONE has taken a crucial step in preventing further damage and potentially recovering some of the stolen assets. The exchange's transparency in confirming the loss and providing updates on the situation is commendable, as it helps to maintain user trust and confidence in the platform [1].

The incident also raises questions about the overall security of the cryptocurrency industry. While blockchain technology is inherently secure, the human and technological elements surrounding it can introduce vulnerabilities. Exchanges, in particular, are attractive targets for hackers due to the large amounts of digital assets they hold. This incident underscores the need for continuous improvement in security protocols and the implementation of advanced technologies to protect against such attacks [1].

In conclusion, the supply chain attack on BigONE resulting in the theft of $27 million in digital assets is a significant event in the cryptocurrency world. The exchange's prompt response and transparency in handling the situation are positive steps towards mitigating the impact of the attack. However, the incident serves as a reminder of the ongoing challenges in securing the cryptocurrency ecosystem and the need for continuous vigilance and improvement in security measures [1].

References:
[1] https://www.ainvest.com/news/solana-news-today-bigone-suffers-27-million-cryptocurrency-theft-supply-chain-attack-2507/