Deribit Pauses Withdrawals Following $28M Hot Wallet Hack

  • The hack took place around midnight on 1 November, when a malicious actor was able to access Deribit’s hot wallets and steal $28 million worth of BTC, ETH, and USDC.
  • The company noted that client assets were safe, as they were kept in cold storage, and that the loss will be covered by its own reserves.


Cryptocurrency derivatives exchange Deribit has suffered from a hack that saw $28 million worth of tokens being drained from its hot wallet, the company said in a Twitter thread on 2 November.

According to the announcement, the hack took place before midnight on 1 November, compromising Deribit’s Bitcoin (BTC), Ether (ETH), and USD Coin (USDC) hot wallets, which contained tokens worth around $28 million. The exchange has since halted all withdrawals on the platform — including those from third-party custodians Copper, Clearloop, and Cobo — and is currently performing ongoing security checks.

Withdrawals will remain closed until Deribit is 100% sure that the vulnerability has been removed, and that the platform is once again safe for use. The exchange has also assured users that their digital assets were safe as Deribit had a policy to keep 99% of all client funds in cold store — which were not affected by the hack — to limit the impact of “these type of events”. It also noted that any losses will be covered by the company reserves as to not affect its insurance funds.

The crypto derivatives exchange is the latest in a long list of companies to be impacted by malicious actors targeting crypto platforms this year. October was especially bad, becoming the biggest month for crypto crime ever, with $718 million being stolen across 11 hacks and exploits in its first two weeks alone.

Related Coverage
BonqDAO Exploited for $90M
  • A hacker was able to manipulate the price of the AllianceBlock token on BonqDAO, which allowed him to drain close to $90 million worth of crypto from the protocol.
  • Both platforms have paused their services, and are currently in the process of removing liquidity as to hinder the hacker’s ability to convert the stolen tokens.
February 2, 2023, 10:31 AM


North Korean Hackers Move 41,000 ETH Stolen From Harmony
  • North Korea’s Lazarus Group has moved around $63.5 million of crypto assets connected to the Harmony bridge hack over the weekend.
  • The hackers tried to move a portion of the funds through Binance and Huobi, but the exchanges were able to freeze their account and recover around 124 BTC.
Ankr’s Exploit Enabled an Attack on Stablecoin Issuer Helio
  • A hacker targeted a vulnerability in DeFi protocol Ankr to mint trillions of aBNBc tokens, which he eventually swapped for 5 million USDC.
  • The event caused the price of aBNBc to plummet by 99%, which allowed another individual to steal $15.5 million from stablecoin issuer Helio as it did not have up-to-date pricing on aBNBc.