Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Incidents

BigONE Crypto Exchange $27M Hit

July 18, 2025
Reading Time: 3 mins read
in Incidents
Co-op Data Stolen of 6.5M Members

On July 16, cryptocurrency exchange BigONE detected a significant security breach affecting its hot wallet infrastructure, leading to an estimated loss of approximately $27 million in digital assets. The incident was identified as a “third-party attack,” with BigONE swiftly confirming that abnormal asset movements triggered real-time monitoring alerts. Despite the substantial loss, the exchange has assured its users that all private keys remain secure, and the specific attack path has been identified and contained to prevent any further compromise of funds. This proactive response, including immediate collaboration with blockchain security firm SlowMist, aimed to trace the attacker’s wallet addresses and diligently monitor the flow of the stolen funds.

BigONE has publicly committed to covering all losses incurred by its users from this breach, emphasizing its dedication to keeping user assets intact.

To fulfill this pledge, the company has already activated its internal security reserves, which comprise a mix of popular cryptocurrencies such as Bitcoin (BTC), Ethereum (ETH), USDt, Solana (SOL), and Mixin (XIN). These reserves are being utilized to replenish the affected user funds. For other mainstream and non-mainstream tokens that were impacted, BigONE stated it is actively seeking external liquidity through borrowing mechanisms to restore the platform’s wallet balances as quickly as possible, demonstrating a robust effort to mitigate the financial impact on its user base.

Blockchain security firm Cyvers suggested the attacker exploited the platform’s production network, likely through compromised CI/CD (Continuous Integration/Continuous Deployment) or server management channels. This infiltration allowed the attacker to modify business logic and disable crucial risk-control checks, effectively bypassing BigONE’s security protocols. The attack reportedly commenced with the deployment of malicious binaries to account-operation servers, followed by the unauthorized draining of 350 ETH ($1.1 million).

The attacker then rapidly expanded withdrawals across Bitcoin, Solana, and Tron networks, consolidating the stolen assets into a single external address, likely in preparation for laundering.

Industry experts have weighed in on the implications of such an attack. Yehor Rudytsia, an on-chain security researcher at Hacken, emphasized the critical need for strengthened security in CI/CD pipelines, stringent control over dependencies, and continuous on-chain and off-chain monitoring of the entire infrastructure for exchanges. Rudytsia also highlighted that Automated Incident Response is an indispensable security measure for all exchanges, designed to halt exploitation swiftly and secure as much of the funds as possible. This incident serves as a stark reminder that even with sophisticated security measures, vulnerabilities in the supply chain and backend operations can be exploited.

Further analysis by Cyvers revealed several critical security gaps that contributed to the incident. These included a single-point failure in hot-wallet management, insufficient code integrity controls, a lack of pre-transaction validation, and limited network segmentation between build and wallet-management servers. The stolen funds were quickly converted to Wrapped Ethereum (WETH)/ETH and routed through fresh intermediary addresses, indicating preparations for mixing or decentralized exchange activity to obscure the money trail. This BigONE hack follows closely on the heels of another significant exploit, with Arcadia Finance, a decentralized finance (DeFi) platform on the Base blockchain, suffering a $3.5 million theft just a day prior, underscoring the ongoing and evolving security challenges within the broader cryptocurrency ecosystem.

Reference:

  • Crypto Exchange BigONE Suffers $27M Loss in Third-Party Breach Exploiting External Systems
Tags: cyber incidentsCyber Incidents 2025Cyber threatsJuly 2025
ADVERTISEMENT

Related Posts

Union Cyberattack Raises Concerns

Union Cyberattack Raises Concerns

October 22, 2025
Union Cyberattack Raises Concerns

Romanian Prisoner Hacks Prison IT

October 22, 2025
Union Cyberattack Raises Concerns

Hackers Claim Data On NSA Officials

October 22, 2025
Russian Hackers Leak UK MoD Files

Muji Stops Online Sales After Attack

October 21, 2025
Russian Hackers Leak UK MoD Files

Major Telco Confirms Cyber Breach

October 21, 2025
Russian Hackers Leak UK MoD Files

Russian Hackers Leak UK MoD Files

October 21, 2025

Latest Alerts

Copilot Flaw Exposes Sensitive Data

PolarEdge Expands Router Botnet

Google Finds New Russian Malware

BitLocker May Lock Your Data Silently

North Korea Hackers Use New JS Malware

WatchGuard Devices At Risk Of RCE

Subscribe to our newsletter

    Latest Incidents

    Union Cyberattack Raises Concerns

    Romanian Prisoner Hacks Prison IT

    Hackers Claim Data On NSA Officials

    Muji Stops Online Sales After Attack

    Major Telco Confirms Cyber Breach

    Russian Hackers Leak UK MoD Files

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial