CoinSpot, an Australian cryptocurrency exchange, has apparently been hacked for $2.4 million in a “probable private key compromise” involving at least one of its hot wallets.
Blockchain sleuth ZachXBT noted two transactions entering the suspected hacker’s wallet in a Nov. 8 post on his Telegram channel. Following that, the wallet’s owner connected the funds to the Bitcoin network using ThorChain and Wan Bridge.
CertiK, a blockchain security firm, told Cointelegraph that the suspected attack was the result of a “probable private key compromise” on at least one CoinSpot hot wallet.
According to Etherscan data, a transaction totaling 1,262 Ether — worth $2.4 million at current rates — originated in a known CoinSpot wallet and entered the alleged hackers wallet.
The suspect took 1,262 ETH from a known CoinSpot wallet. ZachXBT contributed to this report.
Read Also: Monero Community Crowdfunding Wallet Hacked, Lost 2,675.73 XMR in Devastating Attack
Following that, the owner of the wallet address that got the 1,262 ETH began a series of transfers. The wallet’s owner used Uniswap to exchange 450 ETH for 24 Wrapped Bitcoin (WBTC) in two distinct transactions.
According to CertiK investigation data viewed by Cointelegraph, the address swapped 831 ETH for Bitcoin over Thorchain during the next 10 minutes, delivering the Bitcoin to four separate wallet addresses.
A scan of the Bitcoin explorer BTCScan data revealed that the owner of the four Bitcoin wallets distributed the allegedly ill-gotten BTC to many new wallets, sending smaller divisions of the assets each time.
This is a frequent method used by attackers to delay the investigation, making it more difficult to trace down all of the stolen funds.
CoinSpot was founded in 2013 and is now Australia’s largest crypto exchange by reported user counts, with about 2.5 million customers. The exchange is overseen by the Australian financial authority AUSTRAC, which gave it an Australian Digital Currency Exchange License.
Source: https://bitcoinworld.co.in/crypto-exchange-coinspot-reportedly-suffers-2m-hot-wallet-hack/