Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
Blockchain security firm CertiK believes the $2.4 million draining of a CoinSpot hot wallet is likely the result of a “private key compromise.”
Australian crypto exchange CoinSpot has reportedly been hacked for $2.4 million in a “probable private key compromise” over at least one of its hot wallets.
According to a Nov. 8 post to his Telegram channel, blockchain sleuth ZachXBT highlighted two transactions entering the alleged hacker’s wallet. Afterward, the wallet’s owner bridged the funds to the Bitcoin (BTC) network via THORChain and Wan Bridge.
In emailed comments to Cointelegraph, blockchain security firm CertiK said the alleged exploit was the result of a “probable private key compromise” on at least one CoinSpot hot wallet.
According to data from Etherscan, a transaction totaling 1,262 Ether (ETH) — worth $2.4 million at current prices — came from a known CoinSpot wallet and entered the alleged hacker’s wallet.
The presumed attacker stole 1,262 ETH from a known CoinSpot wallet. Source: ZachXBT
The owner of the wallet address that received the 1,262 ETH then began making a series of transfers. In two separate transactions, the wallet’s owner swapped 450 ETH for 24 Wrapped Bitcoin (WBTC) via Uniswap.
The list of transactions made from the alleged attackers’ wallet. Source: DeBank
Related: Apple MacOS malware targets crypto community and engineers
Within the next 10 minutes, the address swapped 831 ETH for Bitcoin via THORChain, sending the Bitcoin to four different wallet addresses, according to CertiK investigative data viewed by Cointelegraph.
A search of Bitcoin explorer BTCScan data showed the owner of the four Bitcoin wallets distributing the allegedly ill-gained BTC to multiple new wallets, transferring smaller divisions of the funds to additional new wallets each time.
This is a tactic commonly leveraged by attackers to prolong the investigation process — making it more difficult to track the entirety of the stolen funds.
CoinSpot was established in 2013 and currently stands as Australia’s largest crypto exchange by reported user numbers, serving around 2.5 million customers. The exchange is regulated by the Australian financial watchdog, the Australian Transaction Reports and Analysis Centre, and was granted an Australian Digital Currency Exchange License by the regulator.
CoinSpot did immediately respond to a request for comment from Cointelegraph.
Magazine: Beyond crypto — Zero-knowledge proofs show potential from voting to finance
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.