Taiwan’s BitoPro, the country’s second-largest cryptocurrency exchange, experienced a cyberattack that resulted in a loss of about NT$345 million (US$11.5 million). Blockchain analyst ZachXBT revealed the attack’s details. The Financial Supervisory Commission’s Securities and Futures Bureau quickly confirmed the security incident. It demanded that BitoPro issue a formal public statement about the breach. Meanwhile, Bito Group reassured users their assets and rights stayed secure.
ZachXBT’s analysis showed hackers exploited multiple blockchains, including Tron, Ethereum, Solana, and Polygon. After stealing the funds, the attackers moved the assets through centralized exchanges and other platforms. They traded the digital currencies to liquidate the stolen money. Moreover, the hackers used mixers such as Tornado Cash to hide the origin and destination of these assets. They also transferred funds across chains via Thorchain, shifting them into the Bitcoin network. Afterward, the money flowed into privacy wallets like Wasabi.
Blockchain technology works as a decentralized and secure ledger. It stores data in linked blocks that no single party can change without consensus. This feature makes it ideal for tracking digital assets transparently, as Binance Academy and Amazon Web Services explain. Mixers enhance transaction privacy by breaking links between senders and receivers on blockchains like Bitcoin and Ethereum. Although they protect user privacy, mixers often attract regulatory concerns due to money laundering risks, reports Block Tempo.
The platform noted the breach occurred during an upgrade of its wallet system and asset transfer process. The hackers targeted an outdated hot wallet. Hot wallets connect to the internet, allowing fast access but increasing vulnerability. By contrast, cold wallets stay offline and offer stronger protection.Once BitoPro detected the breach, it immediately moved assets to a new wallet. It also blocked further unauthorized access. The platform hired a third-party cybersecurity firm to investigate and monitor the situation.
Despite the incident, all user functions—including deposits, withdrawals, and trading—continued without interruption. BitoPro also promised to disclose the new hot wallet’s address for user verification. The company emphasized that most assets remain stored in cold wallets. These wallets stayed unaffected by the cyberattack. Both hot and cold wallets hold private keys for cryptocurrencies. Cold wallets usually come as hardware devices, like USB sticks, that remain offline. This makes them safer from hacks, according to Investopedia.
Finally, the Securities and Futures Bureau instructed Bito Group to absorb all financial losses from the cyberattack. It forbade passing the costs onto users. The bureau also urged the industry to promptly disclose major security incidents and promised to oversee improved sector security. In summary, BitoPro’s recent cyberattack highlights the risks of hot wallets and the need for robust security measures. The phrase BitoPro cyberattack underscores the ongoing challenge that the exchange faces in protecting user assets. Users and regulators alike watch closely as BitoPro works to recover from this costly event. The BitoPro cyberattack remains a critical reminder for all crypto platforms to strengthen their defenses.
