skip to Main Content
bitcoin
Bitcoin (BTC) $ 95,696.64 2.73%
ethereum
Ethereum (ETH) $ 3,319.60 4.02%
tether
Tether (USDT) $ 0.997195 0.22%
xrp
XRP (XRP) $ 2.16 5.32%
bnb
BNB (BNB) $ 687.16 1.92%
solana
Solana (SOL) $ 187.73 5.01%
dogecoin
Dogecoin (DOGE) $ 0.312242 5.10%
usd-coin
USDC (USDC) $ 0.998649 0.15%
staked-ether
Lido Staked Ether (STETH) $ 3,321.06 3.91%
cardano
Cardano (ADA) $ 0.858936 5.51%

Crypto exchange CoinSpot reportedly suffers $2M hot wallet hack

Blockchain security firm CertiK believes the $2.4 million draining of a CoinSpot hot wallet is likely the result of a “private key compromise.”

207 Total views

1 Total shares

Crypto exchange CoinSpot reportedly suffers $2M hot wallet hack

Australian crypto exchange CoinSpot has reportedly been hacked for $2.4 million in a “probable private key compromise” over at least one of its hot wallets.

According to a Nov. 8 post to his Telegram channel, blockchain sleuth ZachXBT highlighted two transactions entering the alleged hackers wallet. Afterwards, the wallet’s owner bridged the funds to the Bitcoin (BTC) network via ThorChain and Wan Bridge.

In emailed comments to Cointelegraph, blockchain security firm CertiK said the alleged exploit was the result of a “probable private key compromise” on at least one CoinSpot hot wallet.

According to data from Etherscan, a transaction totalling 1,262 Ether (ETH) — worth $2.4 million at current prices — came from a known CoinSpot wallet and entered the alleged hackers wallet.

The presumed attacker stole 1,262 ETH from a known CoinSpot wallet. Source: ZachXBT

The owner of the wallet address that received the 1,262 ETH then began making a series of transfers. In two separate transactions, the wallet’s owner swapped 450 ETH for 24 Wrapped Bitcoin (WBTC) via Uniswap.

The list of transactions made from the alleged attackers’ wallet. Source: DeBank

Related: Apple MacOS malware targets crypto community and engineers

Within the next 10 minutes, the address swapped 831 ETH for Bitcoin via Thorchain, sending the Bitcoin to four different wallet addresses, according to CertiK investigative data viewed by Cointelegraph.

A search of Bitcoin explorer BTCScan data, showed the owner of the four Bitcoin wallets distributing the allegedly ill-gained BTC to multiple new wallets, transferring smaller divisions of the funds to additional new wallets each time.

This is a tactic commonly leveraged by attackers to prolong the investigation process — making it more difficult to track the entirety of the stolen funds.

CoinSpot was established in 2013 and currently stands as Australia’s largest crypto exchange by reported user numbers, serving around 2.5 million customers. The exchange is regulated by Australian financial watchdog AUSTRAC and was granted an Australian Digital Currency Exchange License by the regulator.

CoinSpot did immediately respond to a request for comment from Cointelegraph.

Magazine: Beyond crypto — Zero-knowledge proofs show potential from voting to finance

Loading data ...
Comparison
View chart compare
View table compare
Back To Top