A major security lapse has rocked Taiwan-based crypto exchange BitoPro, which quietly suffered an $11.5 million hack earlier in May but failed to alert users for weeks.
On May 8, attackers drained funds from the platform’s hot wallets across Ethereum, Solana, Tron, and Polygon. Blockchain investigator ZachXBT flagged the breach publicly on June 2, noting that the stolen assets were funneled through decentralized exchanges, mixers like Tornado Cash, and even bridged to Bitcoin—tactics commonly used to cover tracks.
BitoPro had issued a vague “maintenance” notice the day after the hack, but did not confirm the theft until three weeks later. In a Telegram message, the exchange attributed the exploit to an old wallet that was compromised during a system upgrade. It claimed all user funds were safe and that operations remained fully functional.
A third-party cybersecurity firm is now helping track the stolen funds, and BitoPro has promised to share new wallet details to support transparency.
Meanwhile, the incident adds to a growing list of crypto breaches. In late May, the Cetus DEX was hit for $220 million, and Nervos Network lost $3 million just days ago. In both cases, stolen assets were laundered using Tornado Cash.
Security experts say access control failures remain one of the most pressing risks in Web3—and the pace of high-profile hacks shows no signs of slowing down.
Coinbase is now facing mounting scrutiny after it allegedly sat on a serious data breach for over four months, exposing the personal information of nearly 70,000 users before taking action.
A Nevada resident has been sentenced to six years in federal prison after orchestrating a sophisticated fraud operation that involved stealing U.S. Treasury checks and using stolen identities to access the funds.
French investigators have dismantled a group of 25 suspects—mostly under 24 years old—linked to a string of failed kidnappings aimed at wealthy individuals in the crypto space.
Shiba Inu’s Shibarium team has launched an internal investigation into alleged rug pulls carried out by actors operating within the network.