🚨 $27M Heist: BigONE Exchange Hit by Brazen Supply Chain Hack

Another day, another crypto exchange gets schooled in Security 101—this time it's BigONE coughing up $27 million to hackers who pulled off a slick supply chain attack. Who needs brute force when you can hijack the software pipeline?

How the Attack Went Down

The breach didn’t smash through the front door—it slithered in via a third-party vendor. Supply chain strikes are the new black for cybercriminals, and exchanges keep leaving the window open. (Pro tip: Maybe audit those contractors before they become your worst liability?)

The Aftermath

BigONE’s now doing the walk of shame—freezing withdrawals, scrambling to patch the leak, and making vague promises about 'user funds being safe.' Meanwhile, traders are left staring at order books like abandoned prom dates. Classic crypto risk management: react after the money’s already gone.

Funny how these 'isolated incidents' keep happening right when markets get jittery. Almost like hackers read the fear in the charts better than your average crypto bro. Stay paranoid out there.

TLDR

• BigONE crypto exchange suffered a $27 million security breach through a supply chain attack on July 16, 2025
• Hackers compromised production network servers and altered account control systems to enable unauthorized withdrawals
• Stolen assets include 121 BTC, 350 ETH, 9.69 billion SHIB, 538,000 DOGE, 1,800 SOL, and 8.54 million USDT
• Exchange confirmed private keys were not leaked and has temporarily suspended deposits and withdrawals
• BigONE partnered with SlowMist security firm to trace hackers and promised full compensation to affected users

BigONE crypto exchange confirmed a security breach on July 16, 2025, resulting in losses exceeding $27 million. The Seychelles-based platform detected abnormal movements in its hot wallet during the early morning hours.

The attack was executed through a sophisticated supply chain exploit. Hackers gained unauthorized access by compromising the exchange’s production network and modifying server operating logic.

The #BigONE exchange was hacked and lost over $27M.

Currently, the hacker has exchanged the stolen assets for 120 $BTC($14.15M), 23.316M $TRX($7.01M), 1,272 $ETH($4M) and 2,625 $SOL($428K).

Address:
bc1qwxm53zya6cuflxhcxy84t4c4wrmgrwqzd07jxm
TCAfB8jHbJ56xwmfwKwWEs8HLRjbC2GfHG… pic.twitter.com/RXfSb7jgt0

— Lookonchain (@lookonchain) July 16, 2025

The breach specifically targeted servers responsible for account and risk control systems. This manipulation enabled attackers to withdraw funds without accessing private keys directly.

According to blockchain security firm SlowMist, the private keys remained secure throughout the incident. The firm reported that hackers inserted malicious code into the system to create backdoor access.

BigONE’s official statement confirmed the attack path has been identified and contained. The exchange assured users that no further losses WOULD occur from the same vulnerability.

Stolen Assets and Financial Impact

The hackers successfully withdrew multiple cryptocurrency assets from BigONE’s hot wallet. Stolen funds included 121 BTC, 350 ETH, and 1,800 SOL tokens.

Other compromised assets encompassed 9.69 billion SHIB tokens and 538,000 DOGE coins. The attackers also withdrew approximately 8.54 million USDT across four different blockchain networks.

Additional cryptocurrencies stolen included UNI, CELR, and other digital assets. The total value of stolen funds reached $27 million based on current market prices.

BigONE processes substantial daily trading volume, with $684 million recorded in the past 24 hours. The exchange originally launched in China in 2017 before relocating to Seychelles.

Security Response and Recovery Measures

BigONE immediately suspended deposit and withdrawal services following the breach detection. The exchange activated internal security reserves to stabilize liquidity pools and prevent further damage.

The platform partnered with SlowMist to trace hacker addresses and monitor stolen fund movements. This collaboration aims to track the attackers and potentially recover stolen assets.

BigONE committed to fully compensating all users affected by the security breach. The exchange plans to restore deposit and trading services within hours of the announcement.

Withdrawal services will resume after implementing additional security measures. The exchange emphasized that all private keys remain secure and uncompromised.

The incident follows previous crypto exchange hacks, including the $100 million Nobitex breach last month. Supply chain attacks have become increasingly common in the cryptocurrency industry.