BigONE fell victim to a supply chain attack that caused losses of more than $27m. The attacker was able to withdraw funds through a network exploit.
On July 16, the crypto exchange suffered a third-party attack that targeted the company’s hot wallet. The team is currently working with on-chain security firm SlowMist to investigate the exploit. According to the report, the exchange’s production network was compromised in the attack that resulted in a $27 million loss.
SlowMist has managed to track down the hacker’s addresses, which are linked to Ethereum (ETH), BSC (BNB), Solana (SOL), Bitcoin (BTC) and Tron (TRX). The security firm is currently following up on the stolen funds and updating the company on the movements of funds.
So far, the company has activated internal security reserves to protect user funds from further exploits and to maintain on-chain liquidity. The team claims that all private keys remain secure and that the loophole used in the attack has been identified and contained.
“For other affected mainstream and non-mainstream tokens, we are actively securing external liquidity through borrowing mechanisms to restore the platform wallet as soon as possible,” wrote BigONE in its statement.
How was BigONE attacked?
Based on the firm’s report, the attacker was able to gain access to BigONE’s production network. This includes the live servers responsible for account management and risk controls. The attacker then modified the “operating logic” of these servers, which controls which withdrawals are treated as valid and which are not.
As a result, the attacker did not need to infiltrate the system to steal private keys. All they had to do was manipulate the logic servers so that they approved and processed withdrawals, letting malicious actors fly under the radar and steal funds by withdrawing them from the exchange.
Upon detecting the exploit, BigONE disabled its deposit and withdrawal features to prevent any more funds from escaping. However, the team promised to resume services within a few hours, once more security reinforcements are added.
“We are actively securing external liquidity through borrowing mechanisms to restore the platform wallet as soon as possible,” said BigONE.