AscendEX reportedly loses ~$78M after its hot wallet is compromised

AscendEX reportedly loses ~$78M after its hot wallet is compromised

The number of hacks has consistently corresponded with the growing popularity of cryptocurrencies. A total of 169 blockchain hacking incidents have taken place in 2021, with nearly $7 billion in funds lost. Crypto-exchanges, wallets, and marketplaces around the world have been victims of such illicit activities.

Another one bites the dust…

Popular crypto-trading platform AscendEX (formerly Bitmax) is in the news today for all the wrong reasons. It made news after it suffered a loss of $77.7 million following its hot wallet being compromised.

According to a statement released by the platform, it detected an undisclosed number of tokens based on Ethereum, Binance Smart Chain, and Polygon. The incident in question took place in the late hours of 11 December.

22:00 UTC 12/11, We have detected a number of ERC-20, BSC, and Polygon tokens transferred from our hot wallet. Cold Wallet is NOT affected. Investigation underway. If any user’s funds are affected by the incident, they will be covered completely by AscendEX.

— AscendEX (@AscendEX_Global) December 12, 2021

The timing of the aforementioned incident is interesting. Especially since the cryptocurrency exchange celebrated its third anniversary just recently.

Furthermore, the platform also raised $50 million in Series B funding just recently.

Here, it’s worth pointing out that at press time, the platform was yet to release more information on the subject. Even so, blockchain security and data analytics resource PeckShield was quick to fill in this gap.

According to the same, total losses are estimated to be roughly $78 million. Out of the lot, around $60 million worth of tokens were transferred over the Ethereum blockchain alone. Tokens stolen from BSC and Polygon were worth $9.2 million and $8.5 million, respectively.

Estimated loss @AscendEX_Global: $77.7M in total ($60M on @ethereum $9.2M @BinanceChain $8.5M @0xPolygon). Here is the list of the transferred-out assets and their amounts on @ethereum

— PeckShield Inc. (@peckshield) December 12, 2021

Next steps?

As has been the case with previous incidents, the team in question is now following the same protocol.

According to the exchange, an investigation has been commenced. All deposits and withdrawals have also been suspended. However, the upcoming post-mortem report is likely to provide more insights into the incident.

The aforementioned is the second high-end hack against a centralized cryptocurrency exchange this month. BitMart was the last to fall victim to a major security incident. In fact, that incident resulted in a loss of nearly $200 million.

In other news, the Gelato network received an alert about a serious vulnerability in Sorbet Finance. Worth noting, however, that it successfully implemented whitehat recovery to transfer all potentially vulnerable funds to a secure escrow contract.