What happened?
On May 8, the hot wallet of the Taiwanese cryptocurrency exchange BitoPro experienced a system upgrade and asset transfer, during which it was attacked by hackers, resulting in approximately $11.5 million worth of cryptocurrency being stolen. On-chain detective ZachXBT revealed that the hackers used techniques such as dumping on decentralized exchanges, mixing services, and cross-chain operations to launder the stolen funds and publicly disclosed several suspicious hacker wallet addresses.
In the early stages of the incident, BitoPro only suspended services citing 'system maintenance' without explanation, leading to widespread skepticism from ZachXBT and the market. Today, BitoPro issued a statement confirming the hacker attack and emphasized that they immediately activated their response mechanisms, successfully blocking the hacker's actions and transferring assets to a new wallet.
BitoPro stated in their announcement that to demonstrate their commitment to asset security and information transparency, they will soon publicly disclose the new hot wallet address for external verification and reiterated that the vast majority of assets are stored in unaffected cold wallets. In addition, BitoPro promised to continue strengthening security measures, improving wallet management processes, and monitoring capabilities to ensure user asset safety.
Did BitoPro exchange get hacked? Hacker money laundering techniques exposed: rapid transfers and mixing operations.
The Taiwanese cryptocurrency exchange BitoPro has recently been embroiled in security concerns. Notable on-chain detective ZachXBT posted in a Telegram group on May 8, 2025, pointing out that the BitoPro exchange appeared to have been attacked by hackers, with approximately $11.5 million worth of cryptocurrency stolen from its hot wallet.
Several weeks have passed since the incident, and BitoPro has only suspended services under the excuse of 'system maintenance,' drawing widespread attention and skepticism from the market.
ZachXBT pointed out that attackers transferred assets from multiple hot wallets of BitoPro, involving blockchains including Tron, Ethereum, Solana, and Polygon. After stealing the assets, the hackers swiftly employed a series of complex money laundering techniques and attempted to sever links to the source of funds.
First, the stolen assets were quickly dumped through decentralized exchanges (DEX), then transferred into mixing services like Tornado Cash to obfuscate them. Some funds were further utilized for cross-chain operations via Thorchain, ultimately flowing into more privacy-oriented Wasabi wallets, increasing tracking difficulty.
ZachXBT also publicly disclosed several suspicious wallet addresses (assets have been emptied) that are suspected to belong to the hacker, including:
Ethereum Address: 0x2453933c98b6e55397103f7c1081626e0a02d2c9
Ethereum Address: 0x454cf3892a949c94569ab2663090ecdca811a6f0
Tron Address: TRoLEoNiiod5m8TSdmSR4iW17yQCfc2YJV
Solana Address: G1bdPViZztqV5ptH3mVyXdAKYRjN1jBhGiGvdDx9LmaCd
Bitcoin Address: bc1qcwzxklr3tr7zjhvql7pqtg57rkvm55vcz8ydul
What did BitoPro say?
Despite reports of a major security incident, since May 8, BitoPro has only suspended cryptocurrency deposit and withdrawal services under the excuse of 'system maintenance.' ZachXBT has commented under BitoPro's post on X (formerly Twitter), publicly questioning why the exchange has not provided an explanation for the approximately $11.5 million suspicious fund outflow incident weeks later.
BitoPro also released an official statement today confirming that the old hot wallet was indeed attacked by hackers during the system upgrade and asset transfer operations.
BitoPro stated that at the moment the incident occurred, they immediately activated emergency response mechanisms, swiftly transferring the platform's asset security to a new wallet and successfully blocking the hackers' actions while commissioning a third-party professional security company to assist in investigating and tracking relevant clues.
BitoPro emphasized that the platform's virtual asset reserves are sufficient, and user rights are completely unaffected. Since the incident occurred, users' value-added, withdrawal, and trading functions have all remained operational.
To demonstrate the highest commitment to asset security and information transparency, BitoPro also promised to soon publicly disclose the new hot wallet address for external verification and reiterated that the vast majority of the platform's assets are stored long-term in offline cold wallets with no external connections and have not been affected, ensuring overall asset security. In the future, BitoPro will continue to strengthen security measures, improve wallet management processes, and monitoring capabilities to safeguard user asset safety to the highest standards.
More reports
Storing coins has become a new trend! Public companies are following MicroStrategy, raising questions about whether this investment is really worthwhile.
Who is Lin Ruishang? The 24-year-old NTU drug lord has raised over 3 billion NTD in three years: A hand-drawn flowchart, how does it become ironclad evidence of dark web drug trafficking?
