Ethical Hacking News
In July 2025, BigONE exchange fell victim to a third-party attack that resulted in the theft of $27 million worth of assets. To understand this incident, it is crucial to explore what happened, why it matters, and how users can protect themselves from similar attacks. Learn more about the impact of the breach, the role played by ByBit, and how individual responsibility fits into the bigger picture.
The BigONE exchange was targeted by a third-party attack that stole $27 million from its hot wallet. The breach highlights a critical vulnerability in the cryptocurrency industry, with personal wallets accounting for 23.35% of all stolen funds this year. ByBit's $1.5B hack contributed to the record-breaking figure of $2.17 billion in crypto thefts so far this year. The attack was a supply-chain attack, where hackers targeted BigONE's third-party suppliers or vendors to gain access to sensitive data or systems. Crypto thefts have become increasingly sophisticated and brazen, with cases of physical violence associated with crypto thefts rising.
The cryptocurrency market has seen its fair share of hacks and heists over the years, but some attacks stand out for their sheer audacity and sophistication. The latest example is the $27 million heist that saw BigONE exchange fall victim to a third-party attack targeting their hot wallet. In this article, we'll delve into the details of the attack, what it means for users, and how the cryptocurrency industry can learn from this incident.
According to reports, the breach occurred in the early hours of July 16, when BigONE detected abnormal movements involving a portion of its assets. Investigations confirmed that the attack was indeed the result of a third-party hack, which targeted the exchange's hot wallet. The company immediately took steps to contain the breach and partnered with security firm SlowMist to track the stolen funds and monitor their movement across blockchains.
While BigONE has assured users that private keys and user data remain unaffected by the intrusion, the incident raises serious questions about the security measures in place at the exchange. In an era where hackers are increasingly focusing on personal wallets, which account for 23.35% of all stolen funds this year, it's clear that the BigONE breach highlights a critical vulnerability in the cryptocurrency industry.
One of the most concerning aspects of the attack is the role played by ByBit in contributing to the record-breaking figure of $2.17 billion in crypto thefts so far this year. The exchange's $1.5B hack, which saw North Korean threat actors steal a significant chunk of its assets, helped push the total over the $2 billion mark. This incident serves as a stark reminder that even major exchanges like ByBit are not immune to these types of attacks.
Chainalysis' 2025 mid-year crypto crime report presents some concerning trends in the industry. Hackers are increasingly focusing on personal wallets, which account for a significant portion of all stolen funds this year. Additionally, blockchain crime investigator ZachXBT commented that the theft at BigONE may help bring about a "natural cleanse" in the space.
In terms of how exactly the threat actors hacked the exchange and stole the funds, SlowMist revealed that it was a supply-chain attack. This type of attack occurs when hackers target a company's third-party suppliers or vendors to gain access to sensitive data or systems.
The impact of this breach extends far beyond BigONE itself. As we've seen in recent months, cryptocurrency thefts have become increasingly sophisticated and brazen. In May 2025, Cetus Protocol saw $223 million stolen in what was described as a "crypto heist." This incident highlights the potential for devastating consequences if exchanges are not vigilant about their security measures.
Meanwhile, Chainalysis also reported that cases of physical violence associated with crypto thefts have been rising. These incidents are often linked to Bitcoin price fluctuations and demonstrate the growing desperation among hackers and thieves who seek to capitalize on these price movements.
The BigONE breach serves as a stark reminder of the need for greater vigilance in the cryptocurrency industry. Exchanges must take proactive steps to strengthen their security measures, from implementing robust multi-factor authentication to partnering with reputable security firms like SlowMist.
In the meantime, users are left to pick up the pieces and wonder what they can do to protect themselves against similar attacks. In an era where personal wallets account for a significant portion of all stolen funds this year, it's clear that individual responsibility must be taken seriously.
For those looking to stay ahead of the curve in terms of security best practices, we recommend exploring resources like Wiz and Chainalysis' reports on cloud-fluent threat actors.
In conclusion, the $27 million heist at BigONE exchange serves as a sobering reminder of the potential for devastating consequences in the cryptocurrency market. By taking proactive steps to strengthen our security measures and partnering with reputable security firms, we can reduce the risk of similar attacks and create a safer industry for all users.
Related Information:
https://www.ethicalhackingnews.com/articles/The-Great-Crypto-Heist-How-BigONE-Exchange-Fell-Victim-to-a-Sophisticated-Hack-ehn.shtml
https://www.bleepingcomputer.com/news/security/hacker-steals-27-million-in-bigone-exchange-crypto-breach/
Published: Thu Jul 17 12:11:46 2025 by llama3.2 3B Q4_K_M
