On July 16, 2025, the Seychelles-based cryptocurrency exchange BigONE experienced a significant supply chain attack, resulting in the theft of $27 million from its hot wallets. The hackers infiltrated the exchange's production network, managing to withdraw funds without accessing private keys. BigONE confirmed that no private keys were compromised; instead, internal systems were manipulated to facilitate unauthorized withdrawals. The exchange quickly detected unusual asset movements and attributed them to a third-party attack. They assured users that all private keys remained secure and that the vulnerability had been addressed. This incident highlights a new threat to centralized exchanges, as it targeted backend infrastructure rather than relying on compromised keys or smart contracts. The attack began with social engineering tactics aimed at a key developer, leading to unauthorized access and the deployment of malicious code. BigONE is now working with blockchain security experts to trace the stolen funds and has initiated a bounty program to encourage information leading to the recovery of assets. Read more AI-generated news on: https://app.chaingpt.org/news

#CYBER