Bilaxy, a Seychelles-based crypto exchange, announced on Sunday that its ERC20 hot wallet has been hacked, resulting in a heavy loss.
Though the exchange is a lesser-known one, the hack could be one of the largest seen in the industry. The exchange did not officially reveal the magnitude of the hack, but, according to many estimates, hackers siphoned around $450 million in digital assets.
The exchange first informed its users about the hack on its Telegram channel, detailing that it suffered a ‘serious hack’ between 6 pm and 7 pm UTC on August 28. It also revealed that the hackers transferred 295 different ERC20 tokens from the wallet. The compromised tokens include Tether (USDT), USD Coin (USDC), Uniswap (UNI), and others.
As an emergency measure, the crypto exchange suspended activities on its platform and moved ‘hundreds of tokens’ from its hot wallets to secure cold wallets. It further urged users to stop deposits on the exchange.
⚠️⚠️Top Urgent-Bilaxy Hacked Notice
Pls note Bilaxy Hot wallet was hacked, ❌pls DON’t send any funds to your bilaxy accounts again. We are racing with the time to checking and fixing. Pls wait for further [email protected] @ICO_Analytics @CoinMarketCap @
— Bilaxy (@Bilaxy_exchange) August 29, 2021
A Major Breach
The exchange is now investigating the attack and shared the address of the hacker to which the funds were transferred. According to the blockchain data, the address only holds more than 100 Ether worth around $322,000 as of press time.
Hoge Finance, an Ethereum-based decentralized finance protocol, said that nearly 1 billion HOGE tokens were compromised in the Bilaxy hack by the attacker. The fiat value of the only siphoned HOGE token comes at around $22 million.
Crypto exchanges and wallet platforms always remained hot targets of cybercriminals. The industry has been facing attacks from the early days of Bitcoin.
Most recently, attackers breached the security of the Japanese crypto exchange Liquid. In another incident, cross-chain protocol Poly Network suffered a $611 million hack, but the hacker later returned most of the compromised funds.
Source: Read Full Article