BitMart suspends withdrawals after hackers drained almost $200 million in cryptocurrencies using a stolen private key

BitMart suspends withdrawals after hackers drained almost $200 million in cryptocurrencies using a stolen private key
HackerNurPhoto / Getty Images
  • Crypto exchange BitMart suspended withdrawals Sunday after hackers ran off with $196 million from wallets.
  • Sheldon Xia, BitMart's CEO, said on Monday the crypto was taken using a stolen private key.
  • Crypto fraud is on the rise. The BXH exchange lost $139 million last month after an admin key was leaked.

Close to $200 million in cryptocurrencies has been stolen from wallets from the BitMart exchange using a stolen private key, according to the company's chief executive.

On Monday BitMart's CEO Sheldon Xia said that they discovered that the cryptocurrencies were withdrawn using a stolen private key which usually enables a user to access their cryptocurrency.

"We have identified a large-scale security breach related to one of our ETH (ether) hot wallets and one of our BSC (binance smart chain) hot wallets, " Xia said on Twitter.

PeckShield inc, a data analytics company said on Twitter Sunday $100 million was taken from the ethereum network and $96 million from the binance smart chain blockchain. The assets affected included meme coins floki inu and shiba inu, among several other altcoins.

PeckShield inc. said that the money was stolen using a "pretty straightforward: transfer-out, swap, and wash" technique.


After getting the funds out of BitMart, the hackers may have used a decentralized exchange aggregator to swap the stolen tokens for ether, according to PeckShield's tweet. Then the hacker could have deposited the funds into a privacy protocol, which makes the money difficult to trace.

Xia had said on Twitter Sunday approximately $150 million was stolen from the centralized global exchange that is based in the Cayman Islands and BitMart suspended withdrawals from its crypto wallets.

He has since said the company hopes to gradually resume the deposit and withdrawal functions on December 7. Xia also said BitMart will use its own funding to compensate affected users and they were talking to project teams about the most reasonable solutions such as token swaps.

BitMart is not the only exchange to be hacked using a private key. In early November, $139 million was taken from the Boy X Highspeed, decentralized cross-chain exchange. The company's CEO Neo Wang told CoinDesk this was due to a leaked administrator key and was probably an inside job.

Last week, the Celsius Network's CEO Alex Mashinsky said the crypto lending platform had lost $120 million from a hack on BadgerDAO, a decentralized finance platform.


In August, more than $600 million worth of cryptocurrencies was stolen from the poly network, but nearly half of the money was later returned.