BigOne exchange suffered $27 million attack
BigOne exchange hacked for $27 million in multi-chain exploit
Crypto exchange BigOne has suffered a major supply chain exploit, resulting in losses totaling $27 million, according to blockchain security firm SlowMist.
The hacker drained funds across Ethereum, Solana, TRON, and Bitcoin blockchains, targeting the platform’s logic rather than compromising wallet private keys, reports Cryptopolitan.
The attacker exploited vulnerabilities in BigOne’s exchange infrastructure, allowing unauthorized withdrawals beyond actual wallet balances. This marks the largest attack in BigOne’s history, which operates with a daily volume of $728 million but only holds a 6/10 trust score on CoinGecko.
Hacker Targeted Hot Wallets, Took Multi-Chain Assets
BigOne’s internal team flagged suspicious activity tied to its main hot wallet, with immediate losses reported across multiple chains. Notably, the attacker seized $4 million in ETH, 120 BTC, and $7 million in TRX, along with popular tokens like SHIB and DOGE. Though the wallet keys remained secure, the hacker manipulated server-side logic to bypass withdrawal limits. The incident resembles older centralized exchange exploits such as the 2020 KuCoin hack. Despite the breach, BigOne reassured that user balances remain unaffected, and it will utilize its insurance fund—with reserves over $91 million, per DeFiLlama—to cover the stolen funds.
Broader Implications for Exchange Security
The BigOne breach revives concerns around centralized exchange vulnerabilities, especially after months of DeFi protocol exploits. Security experts noted that this exploit differs from recent attacks—such as the Bybit and GMX incidents—by exploiting backend logic flaws rather than wallet misconfigurations. The event highlights the lingering risks of server-side weaknesses in crypto platforms, particularly as attack methods evolve beyond traditional smart contract vulnerabilities. Though BigOne continues to operate, its reputation has taken a hit, especially after on-chain investigator ZachXBT noted its historical usage as a fund laundering venue. The exchange’s response and future audits will be key to restoring confidence.
Recently we wrote that CoinMarketCap has removed a fraudulent popup notification that appeared on its website prompting users to “verify” their cryptocurrency wallets.
