Hotbit Shuts Down After Unsuccessful Hack Attempt
- After the attempted hack, the exchange was forced to shut down all of its services, and enter maintenance mode, which could last between 7 and 14 days.
- Hotbit noted that user funds remain safe, but warned its customers to be weary of phishing attempts, as its database had been compromised.
Shutterstock
Cryptocurrency exchange Hotbit was forced to shut down its services after a hacker unsuccessful tried to get access to its wallets, Hotbit said in a notice on 30 April.
According to the announcement, the exchange had a “number of some basic services” paralyzed after it suffered a serious cyber-attack at 08:00 PM UTC on 29 April. While the attacker was unsuccessful in obtaining access to Hotbit’s wallets, he was able to compromise the platform’s user database. Hotbit has now paused all of its services in order to conduct a maintenance of the platform. The exchange noted this has been its “biggest setback” since Hotbit was established in 2018, and further said:
“In the future, Hotbit team will continue to strengthen security departments. Meanwhile, by cooperating with world’s famous third-party Internet security teams, Hotbit will also conduct thorough inspection and investigation on the attack issue and thoroughly upgrade security level of the whole system.”
In the notice on its website, the exchange warned its customers their phone number, email address and asset data might have been leaked, and advised them to disregard communication attempts from entities claiming to be from Hotbit. Users funds, however, appear to be “safe and secure”, as the platform’s risk control system was able to identify and stop the attack on time.
The exchange also said that any pending trading orders on its platform will be canceled to prevent losses, and that Hotbit will be “fully responsible” for any losses that come from exchange-traded funds (ETFs) listed on it during the maintenance period. The exchange further said:
“All daily routine income distributions (such as investment products, current products and FIL cloud computing power ) will be paid out after the maintenance is completed .”
As per the notice, the exchange expects to remain in maintenance mode for at least seven days, so it has time to inspect and restore all of its services. Hotbit also said it was planning to upgrade its systems and completely rebuild all of its serves, numbering over 200, which could take it as long as two weeks.
In its Telegram channel the exchange explained it was now in the process of moving all funds from its hot wallet to a newly created cold wallet. Data from Etherscan has confirmed this, with tokens getting transferred from one of Hotbit’s known wallets to a new address, that holds around $14 million in multiple tokens.
- Popular Telegram bot Unibot, which is used to snipe trades on Uniswap, became a victim of a token approval exploit earlier today, when it was switching to a new router.
- After confirming the exploit, Unibot assured users that their keys and wallets were safe, and that the project will compensate all affected users.
Shutterstock
- DeFi protocol Balancer confirmed it was exploited almost a week after disclosing a critical vulnerability affecting several of its boosted pools.
- The platform did its best to mitigate some of the risks but was unable to pause the affected pools, and an estimated $980,000 in DAI were stolen in an attack.
- A cyber security incident at bankruptcy service provider Kroll has resulted in the exposure of “non-sensitive” customer data for claimants involved in the FTX and BlockFi cases.
- Both companies confirmed that account passwords, systems, and funds remained safe, but warned customers to be on the lookout for phishing scams.