**Crypto Exchange BigONE Loses $27M in Third-Party Attack**

In a shocking turn of events, cryptocurrency exchange BigONE has confirmed that it has suffered a significant loss of approximately $27 million due to a third-party attack on its hot wallet infrastructure. The incident highlights the ongoing threat of cyberattacks in the crypto space and underscores the importance of robust security measures for exchanges.

According to BigONE, the security incident was detected on July 16 after abnormal asset movements triggered real-time monitoring alerts. Upon investigation, it was confirmed that the breach resulted from a third-party attack targeting their hot wallet infrastructure. The exchange immediately took steps to contain the attack and prevent further losses.

**The Attack Path Revealed**

In collaboration with blockchain security firm SlowMist, BigONE traced the attacker's wallet addresses and monitored the flow of stolen funds. The affected tokens included 120 Bitcoin (BTC), 350 Ether (ETH), millions of USDt (USDT) across various chains, as well as significant amounts of CELR, SNT, SHIB (SHIB), and others.

The attack is believed to have exploited the platform's production network, likely through compromised CI/CD (Continuous Integration and Continuous Deployment) or server management channels. The attacker used malicious binaries deployed to account-operation servers, before unauthorized draining 350 ETH ($1.1 million). The breach quickly escalated with withdrawals across Bitcoin, Solana, and Tron, consolidating the stolen assets into a single external address for laundering.

**The Importance of Security**

Blockchain security expert Yehor Rudytsia, on-chain security researcher at Hacken, emphasized the importance of strengthening security measures to prevent similar attacks. "To mitigate such attacks, you have to strengthen the security of CI/CD pipelines, to enforce strict control of your dependencies and implement continuous on-chain and off-chain monitoring of the whole infrastructure," he said.

Rudytsia also highlighted the need for Automated Incident Response as a crucial security measure for all exchanges. This measure can help halt exploitation and secure as much of the funds as possible.

**BigONE's Response**

BigONE has pledged to cover all losses from the breach, ensuring that users' assets remain intact. The company has activated its internal security reserves, comprising BTC, ETH, USDt, Solana (SOL), and Mixin (XIN), to replenish affected user funds. Additionally, BigONE is actively securing external liquidity through borrowing mechanisms to restore the platform wallet as soon as possible.

The recent BigONE hack comes a day after Arcadia Finance, a decentralized finance (DeFi) platform operating on the Base blockchain, suffered an exploit resulting in the theft of about $3.5 million in cryptocurrency. This incident highlights the ongoing threat of cyberattacks and underscores the need for robust security measures to protect user assets.

**The Crypto Crime SuperCycle**

The first half of 2025 has seen more than $2.47 billion in losses due to hacks, scams, and exploits, representing a nearly 3% increase over the $2.4 billion stolen in 2024. This trend is often referred to as the crypto crime supercycle, fueled by factors such as FOMO (fear of missing out) and lax regulations.

As the crypto space continues to grow, it's essential for exchanges to prioritize security measures and implement robust protection strategies to safeguard user assets. The recent incidents highlight the need for increased awareness and investment in cybersecurity measures to prevent similar breaches in the future.