Bitmart pledges to reimburse hack victims with support from voices of the crypto community

As regulatory uncertainty continues to affect the global digital asset ecosystem, many anti-crypto proponents continue to insist that the...



As regulatory uncertainty continues to affect the global digital asset ecosystem, many anti-crypto proponents continue to insist that the industry as a whole has a long way to go to secure itself from a way that is anywhere. comparable to the traditional financial system. Now with the recent Bitmart hack uncovered, these individuals received even more firepower.

To recap, on December 5th, the Bitmart cryptocurrency exchange was the target of a major hack that saw the platform lose nearly $ 200 million via a hot wallet compromise hosted on Ethereum blockchains. and Binance Smart Chain. The breach was first exposed by blockchain security firm Peckshield, whose cybersecurity team revealed that malicious third parties were initially able to transfer around $ 100 million through the Ethereum blockchain, followed by another concurrent hack. of $ 96 million. using the BSC reserves of the crypto exchange.

Hackers were able to accumulate over 20 tokens, including a number of altcoins such as Binance Coin (BNB), SafeMoon (SAFEMOON), BSC-USD and BNBBPay (BPay). They were also able to steal decent amounts of meme tokens, including Baby Doge Coin (BabyDoge), Floki Inu (FLOKI), and Moonshot (MOONSHOT). According to the PeckShield security team, the entire program can be attributed to a simple maneuver of “transfer, exchange and washing”.

Bitmart responds

To better understand how the whole incident happened, Cointelegraph contacted Bitmart. A spokesperson for the trading platform pointed out that as soon as the breach was discovered, the company took action by shutting down several systems to “limit any kind of immediate harm” – the actions included stopping withdrawals of tokens as well as stopping users from trading certain pairs. . The representative added:

“We plan to continue to roll back services gradually, but only by following the extensive testing process of our security team. Safety remains our number one priority. In fact, since Tuesday December 7, 2021 EST, we have resumed ETH and ERC20 token deposits and withdrawals. “

Additionally, a written response from the exchange also pointed out that in order to bolster its native security infrastructure, Bitmart has replaced all of its token deposit addresses against currencies like Bitcoin (BTC), Ether (ETH) and Solana (GROUND), as well as all the other tokens involved in the incident. “We have also informed our users of the relevant changes,” the statement concluded.

Finally, December 6. Sheldon Xia, Founder and CEO of BitMart, announcement via Twitter that the exchange would use its own funding to offset losses resulting from the incident: “We are also in discussions with several project teams to confirm the most reasonable solutions such as token exchanges. No user assets will be damaged.

The crypto community shows solidarity

After the nearly $ 200 million hack, members of the global Shiba Inu (SHIB) community and the Huobi Global crypto exchange jumped to offer Bitmart with all sort of assistance the exchange needs to not only bolster its existing security setup, but also to keep a close eye on the entries of its misplaced assets.

Speaking to Cointelegraph, Huobi Global Strategy Director Jeff Mei noted that in cases like the one seen in relation to Bitmart, transparency and immediate action must be given top priority, adding:

“Exchanges should alert their users, other exchanges and law enforcement authorities as soon as possible and be transparent about what they are doing to deal with hacking and loss of user funds.”

Additionally, Mei pointed out that users should avoid pooling all of their assets on a single platform or wallet, and in cases where they feel like something fishy is going on, users should not. not hesitate to contact the relevant exchange and tell them about the potential security incident.

Much like Huobi, the Shiba Inu community also confirmed their intention to help Bitmart, adding that they had already stepped up efforts to examine any potential threats to the security of ShibaSwap, a decentralized community-built exchange (DEX).

More education is needed

Raimundo Castilla, CEO of digital asset custody platform Prosegur Crypto, told Cointelegraph that what happened to Bitmart with its recent security breach was something that was only easily preventable if users of the platform had been educated enough to keep their digital assets on the outside and not on the stock market. himself:

“Hot wallets should be reserved only for funds with which you wish to trade. This sum of money should have been kept in a cold store with a vacuum system and 100% offline transactions. “

Nonetheless, Castilla added that for platforms like Bitmart to prevent future incidents, they must use a combination of innovative technologies coupled with rigid governance protocols. For starters, their private keys shouldn’t have been protected online, because anything stored online is susceptible to attack, no matter how well it is protected. “They should have been working with a whitelist, so even if someone has access to any private key, they can only send funds to a pre-confirmed wallet direction,” he explained. .

Additionally, Bitmart could have potentially used an advanced multi-party compute (MPC) co-signing system that used a multi-signature approval module. This would have required hackers to need more than one person to approve the transactions in question.

Castilla added that: “Hacking a single private key can’t do anything at all. Additionally, someone playing the role of a key account manager could have stepped in and “stopped the transaction to reach the customer and see if it was legitimate.”

Better security measures are the need of the hour

With the crypto ecosystem apparently under continuous attack from malicious hacking incidents, it should be noted that recently the digital asset lending platform Celsius also confirmed that it has been facing a loss of $ 50 million via an exploit related to the decentralized finance protocol (DeFi) BadgerDAO.

Attack Reports First surfaced December 9. The core team of protocol developers announced that they had received “multiple exports of unauthorized withdrawals” related to their clients. Afterwards, they suspended all of their existing smart contracts in order to mitigate potential losses.

That said, it hasn’t all been bad news recently, as the Synapse Bridge cross-chain protocol revealed that on November 9, its security team was able to avoid a multi-million dollar feat on the avalanche neutral dollar (nUSD) metapool, preventing criminals from blowing their way with nearly $ 8 million in digital currencies.