The Intelligent Insurer #44 — Hackers use stolen private key to carry out heist on crypto exchange
BitMart became the latest victim of a cryptocurrency exchange hack with almost $200 million stolen from the platform. The total amount stolen was spread across multiple cryptocurrencies on two different blockchains, Ethereum and Binance. The hackers reportedly accessed a private key that compromised the exchange’s security mechanisms.
In the latest Intelligent Insurer, we highlight the details of the hack and how the thieves were able to gain access before being noticed. We also detail the reactions that followed the incident, and how BitMart is trying to manage customer concerns.
BitMart falls victim to security breach
On Sunday, December 5th, 2021, blockchain security company PeckShield announced via its Twitter handle that BitMart exchange was hacked and several tokens were transferred out of its Ethereum hot wallets, amounting to a total of $100 million.
Prominent among the tokens listed by PeckShield is Shiba Inu (SHIB), of which 893.8 billion tokens, worth about $33.4 million at the time, were stolen by the hacker. Other digital assets included in the list by PeckShield are Saitama, Elon, Gala, Stars, Luffy, and several others.
Shortly after the initial announcement, PeckShield followed up with another tweet showing that not only BitMart’s Ethereum hot wallet was affected, but also tokens from its Binance chain were stolen as well, amounting to about $96 million. The assets affected included Safemoon, X2P, Babydoge, Floki, among several others.
Bitmart, through its founder and CEO, Sheldon Xia, was quick to acknowledge that a hack had taken place and digital assets were stolen. At the time of the initial response, the hacker’s mode of operation was unknown. However, it was noted that the hacker had already started withdrawing the stolen funds via the popular Ethereum-based mixing service Tornado Cash.
After investigations, Xia confirmed that the hackers were able to gain access to the platform by stealing the private keys of the affected wallets. This indirectly puts the responsibility of the incident on the exchange.
Compensation plans announced following security incident
Xia announced that BitMart plans to compensate the affected users out of its pocket. The firm is expected to lean on funding it received previously from venture capital investors to compensate users. Meanwhile, top cryptocurrency exchange, Huobi has thrown its weight behind BitMart, promising to help track the stolen funds. Houbi said that it will help by monitoring inflows to its platform, and anyone matching the related assets in the hack will be reported on time.
This is an approach that has been adopted in the past with a reasonable degree of success. However, with the hacker adopting the services of a crypto-mixing platform, the stolen assets will become difficult to trace, especially when involving non-compatible chains.
Bitmart’s users now have to wait and watch how the exchange will handle the situation. When compensation is promised, users are not assured of full compensation. Such uncertainties, along with the ever increasing number of DeFi platform hacks, sum up the risks involved when investing in cryptocurrencies. This is why many users are embracing insurance solutions that offer complete protection.
Solutions such as Insured Finance provide a safety net for all classes of cryptocurrency users. It protects users from unexpected setbacks like exchange hacks, rug pulls, stablecoin failures, and other kinds of risks in the industry. Any BitMart user with an Insured Finance package would have been paid in full by now. This is the safest way to protect your digital assets.
About Insured Finance
Insured Finance is a decentralized, peer-to-peer insurance marketplace. Users can request customized insurance on a wide variety of digital assets, thereby ensuring full protection. Those fulfilling requests can earn premiums and earn a competitive return on their capital. Claims are fully collateralized and settled instantly.