BigONE, a mid-sized crypto exchange based in Seychelles, recently fell victim to a major security breach that resulted in the loss of approximately $27 million in digital assets, including Bitcoin, Ethereum, USDT, SOL, and XIN .
-
The attack targeted BigONE’s hot wallet via a supply-chain vulnerability, compromising its production network and server logic—per malware analysis by security firm SlowMist, which is now aiding the investigation .
-
The exchange responded swiftly by suspending deposits and trading, while keeping cold storage wallets unaffected, and claims to have already secured the breach path.
BigONE has committed to fully reimbursing users, drawing on its own internal reserves and borrowed funds to stabilize operations. Withdrawals are expected to resume after thorough security enhancements . The attack echoes earlier, larger hacks—like Bybit’s $1.4B incident—demonstrating ongoing risks tied to hot wallets .
-
Hot disharmony: This incident underscores the recurring vulnerability of hot wallets—funds are immediately available but highly exposed.
-
Reimbursement trend: BigONE following preceding incidents by pledging to “make users whole” echoes Bybit’s response, though such commitments aren’t always legally binding.
-
Exchange assurances: Promises to cover losses bolster customer confidence—but long-term trust will depend on audit data and independent verification.
-
The BigONE hack is a stark reminder that even seemingly secure exchanges can be vulnerable to complex attacks. While the full reimbursement offer is encouraging, the industry must continue evolving—from operational controls to regulatory safeguards—to truly protect user assets.
