On Thursday, Bitrue announced on Twitter that it found a security breach in its system and lost slightly over $4 mln in XRP and ADA belonging to its users.
At approximately 1am June 27 (GMT+8), a hacker exploited a vulnerability in our Risk Control team's 2nd review process to access the personal funds of about 90 Bitrue users.
— Bitrue (@BitrueOfficial) June 27, 2019
A hacker hits Bitrue
Earlier today, the exchange announced on its account that it was going to suspend all operations due to the scheduled maintenance. However, in the posts that followed soon after, the Bitrue team said that apparently a hacker or a group of them had exploited a vulnerability in the system and had stolen a substantial amount of crypto through a security breach.
Heads up, @BitrueOfficial platform will be down for some scheduled maintenance on June 29 15:00-18:00 (GMT+8) while we perform a few upgrades. Sorry for any inconvenience, please plan ahead! https://t.co/9hLakZXh4j pic.twitter.com/tji8jP2URZ
— Bitrue (@BitrueOfficial) June 26, 2019
The losses amount to 9.3 mln XRP and 2.5 mln Cardano (ADA). That is about $4.2 mln.
The hacker used what they learned from this breach to then access the Bitrue hot wallet and move 9.3 million XRP and 2.5 million ADA to different exchanges.
— Bitrue (@BitrueOfficial) June 27, 2019
Bitrue is handling the aftermath
The team mentioned that the funds were stolen from a hot wallet and belonged to users. However, the team is working to retrieve the lost crypto and has notified the relevant authorities to get assistance from them. They have promised that all the lost crypto assets will be returned to the owners.
At present, Bitrue is collaborating with Bittrex, Huobi and ChangeNOW, where the stolen coins have been sent by the culprits, to get them to freeze the stolen funds.
The attack was soon detected, and activity was temporarily suspended on Bitrue. We alerted the receiving exchanges about the situation, and wish to extend our thanks to @HuobiGlobal, @BittrexExchange and @ChangeNOW_io for their help in freezing the affected funds and accounts.
— Bitrue (@BitrueOfficial) June 27, 2019
Apart from that, the hacked platform is busy making an emergency check-up of all its systems in order to resume normal operations for customers as soon as possible.
Earlier this year, Bitrue faced a 51% attack against Ethereum Classic (ETC), when criminals tried to steal 13,000 ETC. The exchange reps stated that the attack was ultimately prevented thanks to the security system of Bitrue.
Arman Shirinyan
Denys Serhiichuk
Tomiwabold Olajide