DESC: This article describes how user funds were stolen in the BingX exchange hack. The amount of damage in the BingX hack is $43 million. 

BINGX HACK 

On Friday morning, September 20, 2024, unknown hackers hit BingX for an initial estimated $43 million.  Singapore-based crypto exchange BingX suffered a security breach of its hot wallet system, resulting in a significant loss of funds. The hack caused BingX to lose at least $43 million.

Today, it was announced that the hot wallet exchange of the centralized exchange BingX was attacked by hackers: 

Figure 1 – Official statement of the exchange on the social network X.com

According to Chief Product Officer Vivien Lin, the technical team detected suspicious network access around 4 o’clock Singapore time, indicating a hacker attack on the BingX hot wallet. A contingency plan to transfer assets and suspend withdrawals was activated. 

Currently, withdrawals are temporarily suspended for verification and security enhancements. 

Technical support claims that withdrawals will resume within 24 hours, and a plan is being prepared to compensate for lost funds: 

Figure 2 – Product director Vivian Lin’s statement about the X.com social networking site

The amount of damage caused by the BingX hack

According to statements from top officials of the centralized platform, the stolen funds were “insignificant and will be refunded”. 

According to Hot Wallet’s ArbitrageScanner.io:

Figure 3 – BingX exchange hot wallet (0xa88) 

Withdrawals from the alleged hacker’s wallet were recorded: 

Figure 4 – Receipts to the hacker’s wallet (0x940) 

The hacker immediately sold part of the funds received through decentralized sites: 

Figure 5 – Swipes of the hacker’s stolen wallet funds (0x940) 

The link to the hacker’s wallet can be found here 

The hacker is currently holding funds at the BingX Deposit address: 

Figure 6 – Wallet Transfer (0x940) 

The amount of money in the wallet that was transferred from the hacker’s wallet is estimated at $16.5 million.

Figure 7 – Balance of the wallet (0x1Dd) that received funds from the hacker’s address 

You can view the wallet here 

The stolen funds were mostly from Optimism, Arbitrum, Ethereum and Binance smartchains, among others:

Figure 8 – Portfolio Value by Wallet Network (0x1Dd) 

Figure 8 – Portfolio value by wallet network (0x1Dd) according to ArbitrageScanner.io

Total loss due to hacker attack was ~$43M

Quotes on the BingX exchange

The most significant impact of the hack was on low liquidity tokens:

Figure 9 – Prices of low liquid tokens on the BingX exchange after the hacker attack

In the crypto market, hacks and attacks are a regular occurrence, and no major exchange is immune.

Examples include the incidents at OKX, which lost $140 million, and Binance, which lost $540 million. Such risks are inevitable, and companies build them into their security strategies.

That is why most reputable exchanges keep the majority of their reserves in cold wallets that are not accessible in the online environment, which significantly reduces the risk of theft.