A exchange XT.com anunciou hoje que sua carteira foi hackeada e uma “transferência anormal de ativos” transferiu quase US$ 1 milhão em USDT. A XT confirmou que os fundos dos seus usuários permaneceram seguros e inalterados, e apenas os ativos pertencentes à bolsa foram afetados.
A bolsa com sede nas Seicheles disse que suspendeu todas as atividades em sua plataforma, incluindo retiradas de usuários. XT acrescentou que medidas imediatas estavam sendo tomadas e que contramedidas seriam lançadas em meados do próximo mês para garantir que tal evento não ocorresse novamente.
🚨 Declaração XT sobre transferência anormal de ativos da carteira da plataforma 🚨
Hoje, o XT detectou uma transferência anormal da carteira da nossa plataforma. Fique tranquilo, isso não afetará nossos usuários. 💪
🔒 Sempre mantemos reservas 1,5x maiores que os ativos do usuário para garantir a máxima segurança.
Nosso… pic.twitter.com/SdEL75PxZF
— XT Exchange (@XTexchange) 28 de novembro de 2024
The XT.com exchange, ranked 23rd on Coingecko, released a statement today reporting that 1 million USDT had been ‘abnormally’ transferred from its platform’s wallet with the on-chain address: 0xdb3ded7731c. The exchange asked its users to remain calm, reassuring them that the hack did not affect their funds. XT confirmed that it always reserved 1.5x the users’ funds due to its user-centric approach to ensure ‘maximum’ security and zero losses for the users.
The exchange added that its technical team was establishing the identities of the malicious actors and the destination of the stolen assets. XT said it remained committed to protecting its users’ assets. Freezing withdrawals and suspending other operations was one of its initial countermeasures. “All will be back to normal soon,” said the XT team.
However, blockchain security company Peckshield claimed that the stolen assets had already been swapped for 461.58 ETH sitting in a wallet with the address 0xB43f…8F83.
The XT team disclosed that steps were underway to launch the Merkle Tree Asset Proof System by mid-December for even greater transparency and heightened security.
Coingecko’s data showed that XT had over $47 million in reserves with a daily trading volume of over $3 billion.
The XT malicious attack adds to a growing list of recent incidents facing CEXs. Today, a Microsoft blog exposed a group of North Korean hackers called ‘Sapphire Sleet.’ The group posing as venture capitalists and recruiters had managed to steal over $10 million worth of crypto in six months from unsuspecting individual and institutional investors and billions in the past decade.
In September alone, the BingX exchange lost $43 million, and Indodax lost about $22 million. On-chain data revealed that BingX had lost $43 million in multiple tranches, with ETH ($13M), BNB ($2.3M), and USDT ($4.4M), among others, being drained from the exchange. Viven Lien, CFO at BingX, announced that deposits and withdrawals had been suspended as data from Etherscan confirmed that the stolen loot had been swapped for ETH.
Indodax, on the other hand, lost over $22 million worth of ETH ($14M), TRX ($2.4M), BTC ($1.4M), and MATIC ($2.5M), among other smaller tokens. The platform also suspended all activities immediately after the hack.
Other major hacking incidents that made news this year include the loss of over $300 million worth of Bitcoin from the Japanese DMM exchange in May and the loss of over $235 million worth of tokens from the Indian WazirX exchange in July.
From Zero to Web3 Pro: Your 90-Day Career Launch Plan