THE LION SHARES

BING X HACK: A deep dive into the Security Breach

On September 20th, BingX, a well-known cryptocurrency exchange, reported the detection of "abnormal network access," suggesting a potential hacker attack on its hot wallet. This incident culminated in a substantial security breach, resulting in the loss of approximately $52 million in various digital assets.

According to Chief Product Officer Vivien Lin, the technical team noticed suspicious network activity around 4:00 AM Singapore time. In response to the breach, BingX swiftly activated its contingency plan, which involved transferring assets and suspending withdrawals to safeguard customer funds. The platform resumed withdrawals on September 21st and deposits the following day. The exchange emphasized that most client assets were stored in cold wallets, which helped minimize the losses.

BingX asserted that the loss resulting from the hack was “minor.” However, observers noted that the scale of the outflows contradicted this assertion. Blockchain data analysis firm Bitrace reported that over $43.5 million was illegally transferred from three addresses linked to BingX. In contrast, another blockchain security company, Match Systems, estimated that the breach resulted in the theft of more than $48 million from nine different crypto wallets.

On-chain data indicates that nearly $43 million was stolen from the exchange in multiple transactions, including $13.25 million in Ether, $2.3 million in BNB, and $4.4 million in USDT, among other assets. In addition to stablecoins, the hackers stole more than 360 different types of altcoins, with the most significant impact felt on tokens with low liquidity.

In light of the breach, BingX proposed an unusual solution to the hacker: a 10% bug bounty for the return of the stolen funds. The exchange sent a message promising that if the hacker cooperated within 48 hours, they would cease all legal pursuits. However, the company warned that failure to comply would lead to continued investigations in collaboration with law enforcement agencies.

Lin emphasized the broader implications of the hack, stating, "Malicious actors impede the healthy growth of the Web3 space, creating doubt among users." During her discussions at Token 2049, she stressed the importance of security as a foundational element for transitioning the crypto industry from niche to mainstream.

In 2023 alone, crypto heists have cost users approximately $1.89 billion. North Korean-backed hackers are among the most notorious, having stolen around $3 billion over the past six years.

As BingX works to recover from this significant security breach, the incident underscores the vulnerabilities present in the cryptocurrency landscape. It serves as a stark reminder of the critical importance of digital asset security and the role of cold storage in safeguarding funds. Cold storage, which keeps assets offline and away from potential hackers, is a fundamental strategy for reducing the risk of theft and loss.

BingX emphasized that the use of cold storage significantly minimized their losses during the breach. By keeping the majority of client assets offline and away from potential threats, the exchange was able to protect a substantial portion of its funds from being compromised. This incident highlights that, in an industry rife with risks, prioritizing security protocols and robust asset storage solutions is essential for protecting users' investments and fostering a more secure environment for digital assets.

How can Nemean Services prevent events like these?

Nemean Services is a premier provider of data backup solutions that specializes in the safeguarding and recovery of digital assets. Their primary focus is on air-gapped cold storage of client data, ensuring unparalleled protection against unauthorized access and data breaches. Nemean enhances data security through a clean ecosystem that includes due diligence procedures, anti-collision insurance coverage, wallet monitoring, and security advisory services. They also facilitate meticulous audits of stored data, guaranteeing data integrity.

In the event of data loss, Nemean Services can swiftly execute asset recovery, minimizing downtime and disruption. Their commitment to operational excellence is reflected in an impeccable track record; they have never encountered an operational error. This reliability is anchored in robust data management and security protocols, supported by ISO 27001 and SOC 2 accreditations.

Nemean is a member of the MITMARK Group, a leading risk advisory and crisis response company. MITMARK has a proven history as a trusted third party for prominent digital asset custodians, such as Copper, during their rapid growth phases.

With Nemean Services, digital assets are not just stored; they are fortified against risks, ensuring peace of mind in an ever-evolving blockchain landscape.