BitMart confirmed that hackers were successful in stealing about $150 million from the trading platform for cryptocurrency over the weekend.
In a statement posted to BitMart users on Monday, the company said an initial security check shows that the hack was caused by a stolen private key with two compromised hot wallets. A Dec. 4 statement identified a “large-scale” security breach related to one of its Ethereum hot wallets and one of its Binance Smart Chain hot wallets.
No other wallets were affected, according to the statement, but BitMart suspended all withdrawals until further notice while it conducts a thorough security review. The statement Monday said the company was confident deposit and withdrawal functions will gradually begin on Dec. 7.
In the meantime, the firm said it will pay to compensate affected users and multiple project teams are working on solutions to the hack. BitMart’s CEO will host an “ask me anything” on Telegram at 8 p.m. Eastern Standard Time regarding the breach.
According to MSSP Alert, BitMart is a Cayman Islands-based global digital assets trading platform with more than 5.5 million users worldwide. Other outlets have reported that the hackers stole an estimate closer to $200 million.
Comparitech updated its history of crypto heists and Paul Bischoff, privacy advocate with Comparitech, commented: "The BitMart hack is the sixth-largest cryptocurrency heist of all time by amount of funds lost. It's the second big crypto heist this month that made the top 10, with BadgerDAO coming in ninth place."
While blockchains are reasonably secure, the same isn't always true for exchanges where people buy, sell and trade crypto, Bischoff continued. "It's difficult for customers to know which exchanges have sufficient security and make an informed choice. An exchange that operates 10 years without a security incident can still be crippled and put out of business by a single large-scale heist."