$450 Mln Bilaxy Hack

Insured Finance
Sep 4, 2021

The Intelligent Insurer #31 — Bilaxy users frustrated over lack of insurance on the breached exchange

Seychelles-based digital assets trading platform Bilaxy Exchange has been hacked, with cryptocurrencies worth roughly $450 million stolen. This is the latest in a series of exchange hacks, with over $1 billion already lost in DeFi-related exploits this year alone.

Bilaxy categorically stated that its hot wallet was compromised, and advised users not to send funds to their accounts. They have since been keeping their users updated via social media.

In the latest Intelligent Insurer, we analyze the details of the hack. We also highlight how Bilaxy users would have been eligible for compensation if they had digital asset insurance in place. But before we dive into the details of the Bilaxy hack, we provide our weekly development update.

Insured Finance Development Roundup

Given that we are close to the full launch of the Insured Finance marketplace, our development tasks have been mostly focused on refining and auditing features to ensure that they’re optimized for release. Over the past week, we made progress on several tasks that were in the pipeline and put in place further preparations ahead of our launch.

🚀 Smart contract deployment and refinement:

  • Smart contracts associated with the Insured Finance marketplace have been deployed on the Mumbai testnet. These contracts can be searched through the explorer linked here.
  • We have prepared for an upcoming audit of the smart contracts. The development team has discussed the audit and prepared the necessary resources for the external auditors.

🔧 Minor improvements and fixes:

  • We carried out internal tests and made minor improvements to error pages and the onboarding process.
  • We have an update to the landing page coming shortly.

With smart contract audits taking place shortly, we are ensuring that the marketplace is fully secure ahead of its alpha launch. Upon launch, Insured Finance token holders will be able to get tailored digital asset insurance in a fully secure and optimized marketplace.

Exchange services suspended on Bilaxy

On August 28th, Bilaxy released an announcement on its Telegram channel, notifying its community that its hot wallet had been hacked. The announcement instructed users not to send any funds to their Bilaxy accounts while the exchange “races with the time to checking and fixing” the problem.

(Source: Telegram.org)

Less than 24 hours after the initial announcement, more details were revealed by the exchange regarding the hack. According to an update on its Telegram channel, Bilaxy explained that its ERC20 hot wallet was hacked and about 295 ERC20 tokens were affected. The stolen funds were found to have been transferred by the hacker to the wallet address linked here.

The ERC20 wallet associated with the hack was found to contain various lower-cap tokens, with the lion’s share of the loot stored in USDT. Other tokens in the wallet, which could be among the 295 hacked tokens, include XIDO, WETH, and SOTA.

(Source: Nansen.ai)

Exploring the hacker’s address on Etherscan reveals that the stolen funds are being sent to new addresses through the mixer Tornado Cash, which obfuscates the origin of the funds. This will allow the attacker to use the funds without being blacklisted by various entities.

Frustrated users request insurance

At the time of writing, users have only received assurances that Bilaxy is making efforts to fix the situation before returning to normal services. Part of these efforts involves a partnership with an unnamed third-party auditing firm, with which it is collaborating to track the hacker and possibly recover the stolen funds.

It could take up to two weeks before normal services return to the platform. One user criticized the exchange for not having an insurance policy, which would have protected users against such an unfortunate occurrence.

https://twitter.com/BlentKarakus7/status/1432237170589380608?s=19

Bilaxy users could have also put in place their own insurance measures to protect against such hacks. Any Bilaxy users that had insurance in place would now be eligible for compensation. Decentralized insurance protocols like Insured Finance allow users to secure tailored insurance on their digital asset holdings.

About Insured Finance

Insured Finance is a decentralized, peer-to-peer insurance marketplace. Insured Finance users can request customized insurance on a wide variety of digital assets. Those that fulfill requests earn premiums and can earn a competitive return on their capital. Claims are fully collateralized and settled instantly.
