$27 Million in Cryptocurrency Stolen in BigONE Hack, and the Most Surprising Part Is How the Attack Worked
Singapore-based cryptocurrency exchange BigONE has suffered a significant setback after a supply chain attack on July 16, 2025, resulted in an estimated loss of $27 million. The attack, which targeted the exchange's production network, specifically servers tied to account logic and risk control, went undetected until unusual asset flows triggered internal alarms.
The attacker was able to make unauthorized fund withdrawals from the exchange's hot wallets, draining assets across several blockchains, including Bitcoin, Ethereum, Tether, Solana, Shiba Inu, and others. Despite the severity, BigONE confirmed that private keys were not compromised during the incident, and users' losses will be reimbursed from security reserves.
The breach occurred when the attacker exploited a vulnerability in BigONE's production network, altering the operating logic of servers responsible for accounts and risk management. This manipulation enabled the attacker to perform unauthorized withdrawals without exposing or leaking the private keys themselves.
By infiltrating this critical backend system—a key link in the exchange’s supply chain—the attacker changed how backend authorization and risk controls worked. This enabled withdrawals that circumvented normal security checks and risk alerts, effectively bypassing traditional wallet security defenses focused on private key protection.
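Because the tampered component was the risk-control logic itself, alarms on asset flows only help if they run outside that logic. The following is an added example, not BigONE's code or anything from its incident report: a monitor that audits hot-wallet outflows read from chain data against a separate approval ledger and a per-asset rolling limit. The record layout, the approval ledger, the limits and all sample values are assumptions constructed for illustration.

```python
from collections import deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Outflow:
    ts: int        # seconds since epoch, as observed on-chain
    asset: str
    amount: float  # float keeps the demo short; use integer base units in production
    txid: str

def audit_outflows(outflows, approved_txids, window_s, limits):
    """Return (txid, reason) alerts for hot-wallet outflows.

    outflows       -- transfers read from chain data, not from the exchange backend
    approved_txids -- txids recorded by an independent approval ledger (assumed)
    limits         -- per-asset ceiling for total outflow in any window_s seconds
    """
    alerts = []
    recent = {}  # asset -> deque of (ts, amount) still inside the window
    for o in sorted(outflows, key=lambda x: x.ts):
        # Check 1: every on-chain withdrawal must have an approval record.
        if o.txid not in approved_txids:
            alerts.append((o.txid, "no matching approval record"))
        # Check 2: rolling outflow per asset, enforced even for approved transfers,
        # since approvals themselves may come from tampered logic.
        win = recent.setdefault(o.asset, deque())
        win.append((o.ts, o.amount))
        while win and win[0][0] <= o.ts - window_s:
            win.popleft()
        total = sum(amount for _, amount in win)
        limit = limits.get(o.asset)
        if limit is None:
            # Fail closed: an asset nobody configured is itself an anomaly.
            alerts.append((o.txid, "asset has no configured limit"))
        elif total > limit:
            alerts.append((o.txid, f"{o.asset} outflow {total:g} exceeds {limit:g} in {window_s}s"))
    return alerts

# Constructed sample data, not taken from the incident.
SAMPLE = [
    Outflow(1000, "ETH", 5.0, "tx-a"),
    Outflow(1300, "ETH", 4.0, "tx-b"),
    Outflow(1400, "ETH", 40.0, "tx-c"),  # unapproved and pushes the window over the limit
    Outflow(9000, "ETH", 6.0, "tx-d"),   # earlier transfers have aged out of the window
    Outflow(9100, "SOL", 10.0, "tx-e"),  # approved, but SOL has no limit configured
]
APPROVED = {"tx-a", "tx-b", "tx-d", "tx-e"}
LIMITS = {"ETH": 20.0}

if __name__ == "__main__":
    for txid, reason in audit_outflows(SAMPLE, APPROVED, 3600, LIMITS):
        print(txid, reason)
```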
BigONE has pledged full compensation and activated emergency reserves to restore affected assets. A comprehensive inspection of backend server configurations and deployment logic is underway. Users are advised to monitor announcements for wallet reactivations and compensation status.
In response to the attack, BigONE is sourcing liquidity through third-party borrowing to refill the depleted hot wallets. Major platforms like Binance and OKX are monitoring for any suspicious deposits from addresses linked to the attacker. Users are advised not to transfer assets to flagged hacker addresses, to avoid being blacklisted.
Moreover, users are advised to enable 2FA and withdrawal whitelists for future transactions to enhance security. There are concerns that the hacker could try to launder ETH and USDT through obscure DEXs or bridges, and users are encouraged to stay vigilant.
A live incident report is scheduled to be published within 48 hours, and a transparency portal will be launched soon to track compensation and wallet restoration progress. BigONE assures users that they will not bear any losses from this incident.
- BigONE, an exchange based in Singapore, suffered a loss of $27 million due to a supply chain attack on its production network on July 16, 2025.
- The attack targeted servers linked to account logic and risk control, going undetected until unusual asset flows set off internal alarms.
- The attacker managed to make unauthorized fund withdrawals from BigONE's hot wallets, depleting assets across various blockchains, including Bitcoin, Ethereum, Tether, Solana, Shiba Inu, and others.
- Despite the incident, BigONE confirmed that private keys were not compromised, and users' losses will be reimbursed from security reserves.
- The breach occurred when the attacker exploited a vulnerability in BigONE's production network, manipulating servers responsible for accounts and risk management.
- This manipulation enabled the attacker to perform unauthorized withdrawals without exposing or leaking the private keys, bypassing traditional wallet security defenses.
- BigONE is currently sourcing liquidity through third-party borrowing to refill the depleted hot wallets, with major platforms like Binance and OKX monitoring for any suspicious deposits.
- Users are advised to avoid transferring assets to flagged hacker addresses to prevent blacklisting and to enable 2FA and withdrawal whitelists for future transactions to enhance security.
- There are concerns that the hacker could try to launder ETH and USDT through obscure DEXs or bridges, and users are encouraged to remain vigilant.
- A live incident report is scheduled to be published within 48 hours, and a transparency portal will be launched soon to track the progress of compensation and wallet restoration.
- BigONE assures users that they will not bear any losses from this incident.
- Apart from cryptocurrencies, the attack affected traditional coins as well, highlighting the interconnectedness of the finance and crypto industries.
- The attack on BigONE underscores the importance of data and cloud computing security, and of cybersecurity more broadly, in the technology-driven business of crypto trading and investing.