Wednesday, March 1, 2023

Investigator claims Bitbns said $7.5m hack was system maintenance

 Twitter crypto sleuth ZachXBT has alleged that Indian crypto exchange Bitbns suffered a $7.5 million hack last month but covered it up by performing “system maintenance.”

According to the investigator, the hack occurred on Feb. 1, and the attacker made off with customer assets worth $7.5 million.

Bitbns CEO admits hacking occurred

Following inquiries by the press regarding ZachXBT’s claims, Bitbns’s CEO, Gaurav Dahake, promised to address the issue at an “ask me anything” session with the exchange’s customers after an investigator the company had hired completed their analysis of the incident.

On March 1, Bitbns held the promised AMA and acknowledged that the platform had been hacked and had lost millions of dollars worth of crypto assets.

Dahake also maintained in the AMA that the hack happened simultaneously with a smart contract update and system maintenance on the platform. He further stated that he would share the full report with customers after the company completes an inquiry into the attack.

The Bitbns founder clarified that users may still withdraw money following the incident. However, some customers have claimed they were unable to make any withdrawals.

One customer posted a screenshot of Bitbns’s INR withdrawal window, indicating that withdrawal processing will take “more than 30 to 60 banking days.”

Hacked wallet belonged to Bitbns

Preliminary investigations into the hack show that when Bitbns went offline for “system maintenance,” its hot wallets simultaneously saw significant withdrawals.

According to investigators, someone made a sizable withdrawal from one wallet, “0x4960,” and sent it to another wallet, “0x24f3.”

Proof that 0x4960 was a Bitbns hot wallet was provided by eagle-eyed social media users who pointed out that the crypto exchange’s response to a customer’s inquiry regarding transaction fees charged clearly showed the company transacting on the same wallet.

Further investigation revealed that another wallet, 0x4895 received the stolen money from 0x24f3, which was then transferred to Tornado Cash.

The attacker has been taking out funds from 0x4895 in batches of 100 ETH. According to on-chain data, the most recent transaction, where someone withdrew 3 ETH, occurred on Feb. 2.

The Bitbns hack is the latest in a string of attacks on crypto platforms since the beginning of the year that has resulted in customers losing millions of dollars worth of assets.

No comments:

Post a Comment

'Groundhog Day' in Crypto as Bitcoin Again Plunges Following New Record

The world's largest crypto briefly rose above $70,000 Friday, but immediately tumbled about 5% to below $67,000 It's deja vu all ove...