• TEXT= DATE: 08.12.2025 BRIDGE Summit | 8-10 Dec 2025 | Abu Dhabi
  • TIMER= 08.12.2025
  • BUTTON= DISCOVER MORE
  • bitcoinBitcoin (BTC) $ 42,977.00 0.18%
  • ethereumEthereum (ETH) $ 2,365.53 1.12%
  • tetherTether (USDT) $ 1.00 0.2%
  • bnbBNB (BNB) $ 302.66 0.19%
  • solanaSolana (SOL) $ 95.44 1.28%
  • xrpXRP (XRP) $ 0.501444 0.1%
  • usd-coinUSDC (USDC) $ 0.996294 0.34%
  • staked-etherLido Staked Ether (STETH) $ 2,367.26 1.4%
  • cardanoCardano (ADA) $ 0.481226 2.68%
  • avalanche-2Avalanche (AVAX) $ 34.37 1.19%
  • bitcoinBitcoin (BTC) $ 42,977.00 0.18%
    ethereumEthereum (ETH) $ 2,365.53 1.12%
    tetherTether (USDT) $ 1.00 0.2%
    bnbBNB (BNB) $ 302.66 0.19%
    solanaSolana (SOL) $ 95.44 1.28%
    xrpXRP (XRP) $ 0.501444 0.1%
    usd-coinUSDC (USDC) $ 0.996294 0.34%
    staked-etherLido Staked Ether (STETH) $ 2,367.26 1.4%
    cardanoCardano (ADA) $ 0.481226 2.68%
    avalanche-2Avalanche (AVAX) $ 34.37 1.19%
image-alt-1BTC Dominance: 58.93%
image-alt-2 ETH Dominance: 12.89%
image-alt-3 BTC/ETH Ratio: 26.62%
image-alt-4 Total Market Cap 24h: $2.51T
image-alt-5Volume 24h: $144.96B
image-alt-6 ETH Gas Price: 5.1 Gwei
 

MORE FROM SPONSORED

LIVE Web3 News

 

ARTICLE INFORMATION

BigONE hacked for $27 million

BigONE hacked for $27 million in hot wallet attack and supply chain breach

https://icn.live/wp-content/uploads/2025/07/BigONE-hacked-for-27-million.mp3
  • by ICN.live
Tariq Al-Mansouri

BigONE hacked for $27 million in a shocking hot wallet attack that shook the crypto world today.

The breach was discovered in the early hours of July 16, as the exchange detected unusual fund movements. Soon after, the team confirmed a third-party attack that bypassed its systems.

The attackers made off with a devastating haul. In total, 120 BTC, 350 ETH, 1,800 SOL, and over 8.54 million USDT were stolen. These assets were spread across four networks and included eight additional tokens like DOGE, SHIB, and CELR. Blockchain security firm SlowMist traced the cause to a supply chain attack that compromised BigONE’s production network.

Supply chain breach exposes security gaps

This wasn’t just another hot wallet exploit. The hackers altered the exchange’s operational logic, including account and risk control servers. This allowed them to withdraw funds without triggering the usual security alarms. However, no private keys were leaked, according to BigONE and SlowMist.

Supply chain attacks are especially dangerous. They allow attackers to slip in malicious code during software updates or through third-party services. This breach highlights why crypto exchanges must audit and test every integration deeply. Even when the core wallet remains untouched, supporting infrastructure can be an Achilles heel.

ANOTHER MUST-READ ON ICN.LIVE:

MARA Holdings invests in Two Prime to expand actively managed Bitcoin yield strategies

BigONE hacked for $27 million but vows full reimbursement

In response, BigONE said it has already taken full control of the situation. The attack vector was isolated, and systems are being fortified. The exchange committed to covering all user losses from its internal security reserves. Services are expected to resume within hours, according to their official statement.

Despite BigONE’s damage control, not everyone is sympathetic. Onchain investigator ZachXBT criticized the exchange for its alleged involvement in shady crypto flows. He pointed to volumes linked to romance scams and fraudulent schemes, stating he felt no pity for the team.

Can centralized exchanges recover user trust?

BigONE, founded in 2017 and now based in Seychelles, processed $684 million in trades in just 24 hours, per CoinGecko. This attack—and BigONE’s swift response—put a spotlight on centralized exchange risk. As more traders look toward decentralized platforms, the incident raises new questions: can centralized exchanges maintain trust in the age of blockchain transparency?

SHARE

What exactly happened in the BigONE hack?

BigONE was hacked for $27 million through a supply chain attack that altered core server logic. This allowed attackers to bypass risk controls and withdraw assets undetected. The breach targeted the hot wallet, not cold storage or private keys. Assets stolen include BTC, ETH, SOL, and USDT across multiple chains. The production environment was compromised, highlighting vulnerabilities beyond wallet keys. BigONE has since isolated the threat and confirmed it will cover all losses.

Was user data or private keys compromised?

No, according to both BigONE and security firm SlowMist, private keys were not leaked. The attack focused on backend operations—altering the logic of account management and risk control systems to permit unauthorized withdrawals. This means the security breach happened at the infrastructure level, not at the user wallet or encryption layer. It shows that even if keys remain safe, exchanges can still be exposed to indirect exploits.

How is BigONE responding to this incident?

BigONE quickly acknowledged the breach, identified the attack path, and contained the damage. It announced that all affected users would be reimbursed using internal security reserves. Trading and deposit services are expected to resume shortly. The exchange is working closely with SlowMist to trace stolen funds and identify the attacker. This proactive response aims to restore community trust, although scrutiny remains high.

What does this mean for the future of centralized exchanges?

The BigONE hack reinforces concerns about centralized exchanges’ security. Even without direct private key exposure, backend systems remain a weak link. As decentralized exchanges (DEXs) grow more popular, many are questioning whether centralized platforms can remain secure enough to handle billions in user funds. The BigONE hack might push more users toward on-chain, trustless solutions—especially those wary of exchange-level breaches and counterparty risk.

FEATURED

EVENTS

Days
Hr
Min
Sec
 

ICN TALKS EPISODES