CoinSpot Exploit Leads to $2 Million Loss
Australian cryptocurrency exchange CoinSpot may have been affected by an exploit that resulted in the loss of approximately $2 million worth of Ethereum (ETH). Blockchain investigator ZachXBT brought attention to the incident through his Telegram channel, expressing concerns about the security of the exchange’s hot wallets.
ZachXBT Unveils $2 Million CoinSpot Exploit
ZachXBT revealed through his Telegram channel that two wallets linked to CoinSpot had been drained of more than 1,282 ETH, valued at around $2 million. The investigation uncovered two suspicious transactions entering the alleged hacker’s wallet and then transferring the stolen funds to the Bitcoin (BTC) network using ThorChain and Wan Bridge.
CertiK, a leading blockchain security firm, pointed to a potential compromise of a private key associated with at least one of CoinSpot’s hot wallets as the likely cause of the exploit. The first transaction involved 1,262 ETH swiftly transferred from CoinSpot’s wallet to an address believed to be controlled by the attacker. A second transaction followed, sending 20.99 ETH to the same destination. Further analysis revealed that the recipient converted these funds into wrapped Bitcoin (WBTC), USDC, and USDT using various smart contracts on platforms such as Uniswap, THORchain, and WBTC.
Unveiling the Cyber Attacker’s Tactics
The attacker executed another transfer within 10 minutes, converting 831 Ether into Bitcoin via ThorChain. The stolen Bitcoin was then spread across four different wallet addresses, as discovered by CertiK’s investigative data. The owners of these Bitcoin wallets systematically divided the funds into smaller portions to hinder tracking efforts.
A closer examination of Bitcoin Explorer BTCScan data indicated that the owners were dividing the funds into smaller portions, a tactic commonly used by cyber attackers. This complexity makes it more challenging to trace the entirety of the stolen funds.
CoinSpot has not issued an official response to the exploit as of now, leaving questions about their plans to recover the lost funds unanswered.
Hot Take: CoinSpot Security Breach Raises Concerns
The recent security breach at CoinSpot has raised significant concerns about the safety and integrity of cryptocurrency exchanges. With approximately $2 million worth of Ethereum lost in this exploit, it highlights the vulnerabilities that exist within hot wallets and emphasizes the need for robust security measures in place across all platforms.
By
By
By
By
By