- BigONE Exchange confirms a $27 million crypto theft through backend server manipulation.
- No private keys were leaked during the breach; security reserves will cover user losses.
- SlowMist and PeckShield are assisting in tracking stolen funds and monitoring wallets.
The global crypto exchange BigONE reported a $27 million loss on July 16 after a targeted supply chain attack compromised its hot wallet systems.
The exchange has assured its users that all stolen assets will be reimbursed and confirmed that the breach occurred without any private keys being leaked.
How the Attack Bypassed Security
The incident occurred in the early hours of today, July 16, when BigONE’s security team noticed unusual transactions involving platform assets. Upon investigation, the team confirmed that the breach stemmed from a third-party supply chain vulnerability.
The attacker gained access to the exchange’s production environment and manipulated the server-side logic that is responsible for user accounts and risk control. By changing how these backend systems operated, the attacker was able to authorize withdrawals and transfer funds without triggering the normal internal security alarms.
Related: GMX Hacker Returns Stolen Funds, Nets $3 Million Profit on ETH & Also Claiming Bounty
Notably, the private keys linked to BigONE’s wallets were not exposed during the breach. This form of attack, often harder to detect, bypasses traditional defenses by targeting infrastructure rather than credentials.
BigONE stated that the breach has been contained, and further losses are unlikely. The exchange immediately partnered with blockchain security firm SlowMist to track the movement of stolen funds and monitor suspicious wallet activity.
PeckShield also independently confirmed the exploit and linked it to cross-chain laundering involving Ethereum, BNB Chain, Tron, Bitcoin, and Solana.
Funds Stolen Across Multiple Chains
The exchange reported significant asset losses across several blockchain networks. Affected assets include large amounts of Bitcoin, Ethereum, Tether in multiple formats, as well as Solana, Dogecoin, XIN, and various ERC-20 tokens such as SHIB, CELR, UNI, LEO, and SNT.
In total, the stolen assets are estimated to be worth approximately $27 million. Blockchain explorers indicate that some of these funds were bridged between chains, suggesting attempts to obscure their origin.
Wallet addresses used in the attack have been made public by SlowMist. These include wallet identifiers across Ethereum, BNB Chain, Bitcoin, Tron, and Solana networks, with transaction records showing the inflow of funds shortly after the breach was executed.
Full User Compensation and System Recovery
In its official statement, BigONE emphasized that no user assets would be permanently lost. The exchange has activated its internal security reserves to cover the missing funds.
These reserves include major assets like BTC, ETH, USDT, SOL, and XIN. For tokens not held in reserve, the exchange is sourcing external liquidity through borrowing to restore balance across all affected assets.
Related: Brazil Bank Hack: ZachXBT Helps Freeze $5M in Crypto, Says Circle Refused to Cooperate
The team is working to restore full platform functionality. Deposit and trading services are expected to resume within hours, while withdrawals will be re-enabled after additional security enhancements have been completed.
The company pledged full transparency throughout the recovery and investigation process, promising to share updates and findings with users in real time.
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
