- Amount Lost: $21,882,489.00
- Funds Returned: $0.00
- Category: CeFi
- Date: 2023-4-14
Quick Summary
Bitrue Exchange experienced an exploit resulting in the loss of 21,882,489 $USD worth of assets from their hot wallet.
Details of the Exploit
On April 14th, Bitrue,a centralized crypto exchange, suffered an attack on one of its hot wallets which led to the theft of 21,882,489 $USD worth of digital assets including 318 $ETH , 137,000 $QNT, 46,396,307 $GALA, 172,550,065,266 $SHIB, 756,149,367 $HOT and 310,071 $MATIC. The attacker gained access to Bitrue's hot wallet due to an access leak. In just six transactions within four hours after gaining control over the funds, they were able to withdraw all the Exchange’s assets into their own private wallet. The malicious actor then swapped stolen tokens for $ETH through Uniswap and already converted 18,610,517 $USD. The rest 3,271,972 $USD worth of stolen assets such as $SHIB and $HOT remains at the attacker's address at the moment.
Block Data Reference
Attacker address:
https://etherscan.io/address/0x1819ede3b8411ebc613f3603813bf42ae09ba5a5
Affected Hot Wallet Address:
https://etherscan.io/address/0x34d88cee9ed273fc540cd1c219369b26e736731a
Example Swap Transaction:
https://etherscan.io/tx/0x49b03ca12b107c1d84b88634ce90615613b9065cc53be090198f047876d18436
Proof Links: