The Singapore-based cryptocurrency trading platform BigONE revealed that it was the victim of a sophisticated cyberattack of the supply chain attack type, resulting in a breach of its systems and theft of digital assets exceeding $27 million, without compromising users' private keys.
The platform confirmed in an official statement that the attack targeted its internal production network, leading to the breach of central servers responsible for managing accounts and controlling risk management mechanisms.
This attack, described as one of the most complex types of cyber intrusions, did not depend on stealing private keys but exploited a technical vulnerability within the system itself to access the active wallet.
According to reports from SlowMist, a company specializing in blockchain security, what happened to the BigONE platform is a typical example of supply chain attacks, which enable the intruder to control the internal infrastructure without needing passwords or keys.
Tracking the Movement of Stolen Funds from the BigONE Platform Analyses from the security platform CertiK revealed suspicious activity on wallet address 0xd4d…d93f, which was used to transfer the stolen tokens associated with the BigONE breach. The assets were later transferred to a second wallet (0x0a3…05f4f) currently holding approximately $4 million in Ethereum and a variety of other digital currencies.
The assets that were seized included multiple tokens such as Ethereum, SHIBA INU, CelerToken, and several smaller altcoins, complicating the task of tracking and recovering the stolen assets.
BigONE Platform Takes Urgent Steps and Promises User Compensation After detecting unusual activity, the security team at BigONE swiftly acted to contain the breach, and the path used to carry out the attack has already been blocked. The platform confirmed in its statement that user private keys were not compromised and that it would take full responsibility, covering all losses resulting from the attack.
BigONE also announced a temporary halt to all trading, deposit, and withdrawal operations while conducting a comprehensive review of its system architecture and implementing new security measures before resuming operations.
Amid this crisis, many traders are questioning the security of the BigONE platform and whether it remains safe to use. Despite the magnitude of the losses, the platform's swift response and its full commitment to compensating users may gradually help restore trust.
What happened to the BigONE platform serves as a strong wake-up call for other cryptocurrency exchanges worldwide to invest in advanced cybersecurity technologies, especially given the continuous increase in the volume of digital threats targeting the sector.
