Singapore-based exchange BingX has confirmed that it has suffered “minor asset losses” after the crypto community discovered a large number of “suspicious” transactions from one of its hot wallets.

Vivien Lin, BingX’s product manager, said in a post on X on September 20 that BingX’s engineering team “detected unusual network access” at around 4 a.m. Singapore time and suspected that there had been a “hacker attack on BingX’s hot wallet.”

“We immediately implemented a contingency plan, including rapid asset transfers and a temporary suspension of withdrawals,” Lin added. “There has been a small loss of assets, but the amount is insignificant and is still being calculated.”

BingX only stores a small amount of cryptocurrency in hot wallets for withdrawals, but the exchange has temporarily suspended withdrawal services to conduct “urgent inspections and enhance the security of wallet services,” she said, with withdrawals expected to be restored within 24 hours.

Previously, on September 20, blockchain security firm PeckShield posted on X that it had detected a “large suspicious flow” from BingX, totaling more than $13.5 million.

Data from EtherScan, shared by PeckShield, shows that one address received millions of dollars worth of various tokens across multiple blockchains from a wallet called “BingX 15,” one of the exchange’s hot wallets.

Web3 antivirus company De.Fi also reported on X that an estimated $20 million was lost across multiple blockchains – the wallet was holding over $13.1 million worth of cryptocurrency across nine blockchain addresses at the time of writing.

Recent transactions show that the address moved some funds through the decentralized exchange Kyberswap, a common tactic used by hackers to hide the origin of the funds.