BigONE Crypto Exchange Suffers $27M Hack

BigONE, a Singapore-based cryptocurrency exchange, has suffered a significant security breach, resulting in a loss of $27 million. The exchange confirmed this attack, revealing that it was a result of a third-party attack targeting its hot wallet.

BigONE Loses $27M to Hackers

Blockchain security firm SlowMist initially reported the incident, stating that the exchange’s supply chain had been attacked.

🚨SlowMist TI Alert🚨

The exchange @BigONEexchange was exploited due to a supply chain attack and loss exceeds $27 million. The production network was compromised, and the operating logic of account and risk control related servers was modified, enabling the attacker to withdraw… pic.twitter.com/GkxlNIUs6A

— SlowMist (@SlowMist_Team) July 16, 2025

Supply chain attacks occur when a hacker gains unauthorized access to a system and modifies its software by injecting malicious code into it. The embedded code can then be employed to deliver a malicious payload or install backdoor malware.

According to the exchange, the attacker made away with various assets, including 120 BTC, 350 ETH, 1,800 SOL, and about 8 million USDT across four different networks. The platform also lost funds in DOGE, SHIB, and CELR.

BigONE Assures Users

Aligned with SlowMist’s findings, BigONE confirmed that all private keys associated with the exchange’s wallets remain secure. The company also assured users that it has identified the breach’s attack vector and implemented measures to prevent any further losses.

To mitigate the losses, BigONE has activated its internal security reserves, which currently hold BTC, ETH, USDT, SOL, and XIN. It is also arranging liquidity to reimburse all affected assets.

“Deposit and trading services are expected to resume within a few hours. Withdrawal functions will be restored after additional security reinforcement. User assets will not be affected in any material way. For other affected mainstream and non-mainstream tokens, we are actively securing external liquidity through borrowing mechanisms to restore the platform wallet as soon as possible”, the exchange added.

Furthermore, BigONE is closely working with the SlowMist team to trace the hacker’s addresses and monitor fund movements. Notably, the hacker has converted the stolen funds, moving the assets across multiple addresses.

In response, famous on-chain sleuth ZachXBT took aim at BigONE’s past compliance issues. In an X post, he stated that he does not sympathize with BigONE’s losses, as he claimed the exchange processes a large amount of illicit funds.

Meanwhile, BigONE’s recent security breach follows the Arcadia Finance exploit, which resulted in a $2.5 million loss. Yesterday, the decentralized platform suffered a breach that targeted its Rebalancer contract. The attacker leverages a vulnerability related to arbitrary swapData parameters to facilitate unauthorized asset withdrawals from user vaults.

The post BigONE Crypto Exchange Suffers $27M Hack appeared first on Cointab.