Key Takeaways
- In response to the breach, BingX temporarily suspended withdrawals to conduct an emergency inspection
- BingX has assured its users that the majority of its assets are held securely in cold wallets, which were not affected by the attack
Singapore-based cryptocurrency exchange BingX has confirmed a security breach involving its hot wallet on September 20. The exchange acknowledged minor asset losses and has pledged to fully reimburse users for any funds affected by the hack.
The breach was detected around 4:00 AM Singapore time, when BingX’s engineering team noticed abnormal network activity, according to a statement from Chief Product Officer Vivien Lin. โWe immediately initiated our emergency plan, including the urgent transfer of assets and withdrawal suspension,โ Lin said in a post on X (formerly Twitter).
BingX has assured its users that the majority of its assets are held securely in cold wallets, which were not affected by the attack. Only a small portion, stored in the hot wallet for immediate transactions, was compromised. Blockchain security firm PeckShield initially reported the suspicious outflow of funds, estimating the loss to be over $13.5 million. Another analytics platform, Lookonchain, suggested the figure could be as high as $26 million.
Despite these reports, Lin described the losses as โminorโ and โmanageable,โ emphasizing that the breach would not impact BingXโs broader operations. โWe will fully compensate users for any losses incurred due to the hack, using our own funds,โ she added.
In response to the breach, BingX temporarily suspended withdrawals to conduct an emergency inspection and bolster wallet security. Lin confirmed that withdrawals are expected to resume within 24 hours once these security enhancements are completed.
According to blockchain data, millions of dollars worth of cryptocurrency were transferred from a BingX hot wallet, labeled “BingX 15,” to another address. Some of the stolen funds were later moved through decentralized exchanges like Kyberswap, a common tactic used by hackers to obscure the trail of stolen assets.
A recent report by Immunefi, released on August 29, stated that the crypto industry has lost $1.21 billion in digital assets due to hacks and rug pulls so far in 2024. The report stated that the first eight months of 2024 saw more than 150 incidents of hacks and rug pulls.
