BITMART GOT HACKED $196M

[oHnK]

Today, I've just read the news about hack which happens in the Bitmart exchanger, the loss has reached $ 196 M. I don't know how the security level in the exchanger and I don't have account in the site. But, after I read the news, this case happen with various kind of crypto then with 2 network such as ERC 20 and BEP 20.

I wanna discuss about this case, why the centralized exchanger is really easy to be hacked? Whats wrong with the security level? Whether they dont use email confirmation or Google authenticator, etc for their security?

Source : https://www.coindesk.com/business/2021/12/05/crypto-exchange-bitmart-hacked-with-losses-estimated-at-196-million/

[Naficopa]

Today, I've just read the news about hack which happens in the Bitmart exchanger, the loss has reached $ 196 M. I don't know how the security level in the exchanger and I don't have account in the site. But, after I read the news, this case happen with various kind of crypto then with 2 network such as ERC 20 and BEP 20.

I wanna discuss about this case, why the centralized exchanger is really easy to be hacked? Whats wrong with the security level? Whether they dont use email confirmation or Google authenticator, etc for their security?

Source : https://www.coindesk.com/business/2021/12/05/crypto-exchange-bitmart-hacked-with-losses-estimated-at-196-million/

Of course it's not easy to hack exchange. I don't know the exact situation with bitmart so it's hard to say if it was the fault of weak security. However, when it comes to hacking the exchanges, it is mostly the information from inside that helps to make the hack.

[Darker45]

I guess the answer is found right there in the question itself. It is probably because it is centralized. There is a single point of attack. That $100 million was stored in a single hot wallet, the other $96 million in another. We do not know what the specific security flaw is but the point is that the hacker knows the target. He/she is only left with the how.

Hack incidents involving centralized exchanges are more or less a common occurrence in crypto's history. And it still makes me wonder until today why the top exchanges are still the centralized ones.

[dkbit98]

I wanna discuss about this case, why the centralized exchanger is really easy to be hacked? Whats wrong with the security level? Whether they dont use email confirmation or Google authenticator, etc for their security?

They are not hacking exchanges with email hacks, so it makes no difference if they have 2FA or not.
Centralized exchanges are usually holding coins in hot and cold wallets and hackers can steal coins from hot wallets much easier.
Security breach in Bitmart case was probably leaked private keys for one of their hot wallets, but it's crazy decision to hold so much coins in hot wallets in the first place.
Regular users should NEVER hold coins on any centralized exchanges, that should be used only for trading.

[OmegaStarScream]

There's no simple answer since each centralized exchanged have different infrastructure/protocol. It could be anything from low budget/resource for security to inside job.

Whatever it was, this should be removed from their website:

Advanced risk control system in the market. Hybrid hot/cold wallet systems and multi-signature technologies. 100% secure for trading and digital asset management

The good thing is that it appears that they're planning to compensate their users for the losses: https://twitter.com/BitMartExchange/status/1467727896466780167

[BitMaxz]

This is another story of an exchange being hacked actually I do not believe that they are hacked.
From the start, before they enter into this business they should focus on security.

What I noticed is that in every bear market just like before there are some exchanges being hacked so I think this is an inside job I don't have any evidence to provide but since they are planning to compensate their users it might be just a strategy to get benefits selling them right now before the huge price drop to any coins/token they have and then they are going to pay their users after the huge price drop.

[stomachgrowls]

So another exchange platform bite on the dust?  One of the risk when you do really make exchange wallets to be your main ones yet you wouldnt know on when they would be hacked.In talks about exchange platform security then this is something they would really be focusing on because its business
and as an owner then you wont really be that dumb that you wont be focusing on this one.

Exchange are honey spots of hackers yet they do they could siphon hundreds of millions of dollars if they would succeed.

So i do feel sorry for those who lost up money on this particular exchange.

[Naficopa]

The good thing is that it appears that they're planning to compensate their users for the losses: https://twitter.com/BitMartExchange/status/1467727896466780167

I would like that to happen, but with such a large amount, I'm afraid it might be impossible. I think they are only writing this to show their will to correct the situation and remove all suspicions. Theoretically, a return on business profits is possible, but it would probably last many years.