In a major blow to the crypto community, centralized crypto exchange BigONE has confirmed it suffered a devastating security breach resulting in the loss of over $27 million.
Blockchain security firm SlowMist first reported the hack via X (formerly Twitter), attributing the attack to a supply chain vulnerability.
The attackers managed to compromise BigONE’s production network, specifically tampering with the operating logic of account and risk control servers.
The aim was to allow them to stealthily siphon funds from the platform.
Despite the severity of the breach, SlowMist emphasized that no private keys were leaked, which prevented even greater losses and potential long-term damage to the platform’s core infrastructure.
Attack Vector Identified, Hacker Wallets Exposed Across Four Blockchains
The attack has now been traced to a sophisticated infiltration of BigONE’s hot wallet system.
Hackers modified core server functions to bypass automated security and risk controls.
The attacker’s addresses have been published across multiple blockchains, including Ethereum and BSC (0x9Bf7…a7a), Solana (HSr1FN…g4R), Bitcoin (bc1qwx…xm), and Tron (TKKGH…17c).
BigONE has reassured users that the breach path has been fully identified and contained, and that no further assets are at risk.
Security teams, in collaboration with SlowMist, are closely monitoring all associated wallets and movements of stolen funds to prevent further laundering efforts.
Also they aim to assist global law enforcement agencies with ongoing investigations.
Also Read: Breaking: Venus Protocol on BNB Chain Faces $2 Million Crypto Hack
Platform Recovery in Progress as BigONE Activates Emergency Asset Reserves
Shortly after the attack was detected in the early hours of July 16, BigONE’s internal team moved quickly to contain the breach and begin recovery procedures.
Deposit and trading services are expected to resume shortly, while withdrawal services will remain suspended until additional security reinforcements are completed.
To ensure users do not bear any losses, BigONE has activated its internal security reserves, including holdings of BTC, ETH, USDT, SOL, and XIN, to replenish affected wallets.
For less liquid or smaller-cap tokens, the exchange is currently sourcing liquidity through borrowing mechanisms and third-party arrangements.
Also Read: Alex Protocol Unveils Reimbursement Plan for Victims of $8.3 Million Crypto Hack
Breakdown of Affected Assets Reveals Scale and Breadth of Breach
A detailed breakdown of the impacted tokens reveals the extensive scope of the attack.
Notable losses include 120 BTC, 350 ETH, and over $8.5 million in USDT across multiple chains (TRC20, ERC20, BSC, and Solana).
Other affected assets include nearly 10 billion SHIB, 15.7 million CELR, and over 4.3 million SNT, among others.
BigONE has pledged full transparency, promising regular updates and a comprehensive compensation plan to protect users’ trust.
The swift and detailed response stands in contrast to slower, opaque reactions seen in some previous crypto exchange incidents.
Criticism Emerges as Community Voices Concerns
While BigONE’s swift response and commitment to reimburse losses have calmed some nerves, not all reactions have been sympathetic.
Influential crypto investigator ZachXBT publicly criticized the exchange, stating,
“I do not feel bad for the team as this CEX processed a good bit of volume from pig butchering, romance, [and] investment scams.”
His remarks have sparked renewed debate about centralized exchange accountability and the ethical implications of transaction monitoring.
The controversy highlights a broader lack of trust in platforms that have previously been linked to scam-facilitated transactions, regardless of their formal security protocols.
Also Read: Taiwan’s BitoPro Crypto Exchange Successfully Restores $11 Million Following Major Crypto Hack
Industry-Wide Alert as Crypto Hacks Continue to Escalate
This breach adds to a growing list of high-profile crypto hacks in 2025.
Just recently, Arcadia Finance lost $2.5 million through a vulnerability in its Rebalancer component.
In the same month, GMX on Arbitrum suffered a $42 million exploit involving targeted social engineering using fake media DMs.
Additionally, Fuzzland reported that a former employee orchestrated a $2 million internal exploit on Bedrock UniBTC.
The BigONE incident underscores the increasing sophistication of crypto attackers, with supply chain and insider threats becoming more prominent.
As exchanges and DeFi platforms evolve, the incident reinforces the urgent need for industry-wide security audits, better threat detection mechanisms, and more transparent user protection protocols.
Also Read: Microsoft Wipes Thousands Of North Korean IT Worker Fraud Accounts Amid Rising Crypto Hacks