BigOne Exchange Bleeds $27M in Devastating Security Breach—Here’s What Went Wrong
Crypto's latest 'oops' moment: BigOne joins the hall of shame after attackers siphon $27 million faster than a degenerate trader chasing leverage.
How it happened: The exchange's security protocols folded like a cheap suit—details still emerging, but insiders whisper about a hot wallet compromise.
Fallout: While C-suite execs scramble to contain the damage, traders are left holding empty bags—proving once again that 'not your keys, not your crypto' isn't just a meme.
Silver lining? At least the hackers didn't take the exchange's apparent talent for burning institutional trust—that was already long gone.
BigOne noted outflows from its main hot wallet
The BigOne exchange team immediately identified the suspicious outflows, affecting its main hot wallet. The wallet’s keys are unaffected and the exchange is working toward renewing deposits and withdrawals. The exchange still posted a system upgrade message hours after the exploit.
⚠️ Security Incident: unauthorized access to our hot wallet
All user assets are safe. BigONE will fully bear all the losses. Trading and deposits will resume soon; withdrawals after added security upgrades.
🔗 https://t.co/CWCrng2KK8
— BigONE (@BigONEexchange) July 16, 2025
The exchange’s biggest hot wallet, holding over $23M, was last active in the past few hours. The recent outflows affected a series of hot wallets on different chains, including 120 BTC. The hacker holds nearly $4M in ETH and several tokens, though the tokens may not be easily tradable.
The hacker also took stablecoins on several networks, as well as SHIB, DOGE, and smaller Ethereum-based tokens. Another $7M is held in TRX tokens on the TRON network.
User balances have not been materially affected, and BigOne will use its insurance fund to cover the loss. The exchange currently holds over $91M in crypto assets, based on DeFiLlama data.
BigOne mostly trades BTC, ETH, and SOL, with significant markets for LTC and older meme tokens like BONK and DOGE.
The exchange was founded in 2017, going through several bull and bear markets already. The market operator started out in mainland China, but later moved due to regulatory restrictions on crypto trading. The long-term presence on the market meant BigOne mostly carried altcoins from previous bull cycles, with few inflows from the latest meme tokens.
BigOne renews centralized exchange attacks
The BigOne exchange attack follows a series of exploits against decentralized protocols. During the week, the GMX protocol saw an outflow of multiple tokens valued at $42M, before the hacker agreed to return the funds.
A classic supply chain attack, causing unauthorized withdrawals, is now a more rare event. Centralized exchanges have not suffered such attacks since KuCoin’s exploit for $275M in 2020.
Even the Bybit attack used a wallet vulnerability, instead of the exchange’s account and authorization infrastructure. The recent exploit showed that server vulnerabilities can also be exploited, changing the logic to operate hot wallets.
The hackers managed to bypass the account and withdrawal controls, though the outsized transactions were still flagged.
Cryptopolitan Academy: Want to grow your money in 2025? Learn how to do it with DeFi in our upcoming webclass. Save Your Spot
