Key Takeaways
- BingX suffered a security breach targeting its hot wallet.
- The exchange commits to fully reimbursing affected users using its own funds.
Share this article
BingX, a Singapore-based crypto exchange, said it suffered a security breach that led to “minor” losses in its hot wallet on September 20 (Singapore time). The exchange is committed to fully reimbursing users for any losses incurred due to the hack using its capital.
According to a statement shared by BingX’s product manager Vivien Lin, the company’s engineering team detected unusual network access at around 4:00 AM Singapore time, suggesting a potential attack.
“We immediately started our emergency plan, including the urgent transfer of assets and [withdrawal] suspension,” Lin stated.
BingX has temporarily suspended withdrawals to conduct urgent checks and enhance wallet services. Withdrawals are expected to resume within 24 hours after enhancements to wallet services are completed.
The exchange has assured customers that most assets are secure in cold wallets, with only a minor portion affected.
“There has been [a] minor asset loss, but the amount is small and still being calculated,” Lin said, adding that the exchange will cover all losses incurred due to the hack using its own funds.
The breach was initially detected by blockchain security firm PeckShield, which reported suspicious withdrawals exceeding $13 million. Web3 security firm De.Fi later estimated the total losses at around $20 million.
According to data from EtherScan, millions of dollars worth of various tokens were transferred from a BingX hot wallet labeled “BingX 15” to another address.
At the time of reporting, the compromised wallet still held over $13 million worth of crypto assets. Further investigators revealed that funds were moved through the decentralized exchange Kyberswap, which suggests that hackers are attempting to launder stolen funds.
Share this article
