A hacker stole $27 million from BigONE exchange by exploiting internal systems, not private keys.
- BigONE lost Bitcoin, Ethereum, Shiba Inu, and other assets in a supply chain attack.
- No private keys were exposed, and users will be reimbursed from an insurance fund.
- Investigations involve blockchain security firms to trace stolen funds.
How the Hack Happened
On July 16, 2025, cryptocurrency exchange BigONE confirmed a major security breach. Attackers took $27 million worth of crypto from the exchange’s hot wallets. Hot wallets are digital wallets connected to the internet, making them easier to attack.
The breach came from a supply chain attack. Hackers gained unauthorized access to BigONE’s internal network. They did this by targeting a developer with social engineering tricks. They then added malicious code to get control over system processes. This allowed them to bypass normal limits and transfer large amounts of funds without needing private keys.
What Was Stolen
According to onchain data and BigONE’s official statement, the attacker took:
- 121 Bitcoin (BTC)
- 350 Ethereum (ETH)
- 9.69 billion Shiba Inu (SHIB)
- 538,000 Dogecoin (DOGE)
- Stablecoins like USDT and USDC
These funds were moved quickly and in large amounts. Some clean-up transactions added over 100,000 USDC and more in other coins, which showed that the hackers planned the attack carefully.
Investigation and Response
BigONE says private keys were never exposed. The exchange has closed the security gap. It’s working with blockchain security firm SlowMist to trace the stolen funds. A bounty of up to $8 million is being offered for tips that help recover the assets or identify the attackers.
Despite the large loss, BigONE assured customers that all accounts are safe. The company is using its insurance reserve to pay users back. Key services like trading and deposits have already gone back online.
Why This Matters
This event shows how attacks on crypto platforms are becoming more advanced. Hackers are now targeting weak spots in the software and internal systems. Traditional protections like safeguarding private keys are no longer enough.
Because of increasing crypto hacks, more exchanges are buying cyber insurance. The crypto insurance market has grown to $4.2 billion in 2025. More exchanges now use separate funds and insurance to handle these attacks and protect users.
Source: cointelegraph.com