$11.5M Crypto Heist at BitoPro Revealed Weeks After Breach
We may earn commissions from affiliate links or include sponsored content, clearly labeled as such. These partnerships do not influence our editorial independence or the accuracy of our reporting. By continuing to use the site you agree to our terms and conditions and privacy policy.
A major security lapse has rocked Taiwan-based crypto exchange BitoPro, which quietly suffered an $11.5 million hack earlier in May but failed to alert users for weeks.
On May 8, attackers drained funds from the platform’s hot wallets across Ethereum, Solana, Tron, and Polygon. Blockchain investigator ZachXBT flagged the breach publicly on June 2, noting that the stolen assets were funneled through decentralized exchanges, mixers like Tornado Cash, and even bridged to Bitcoin—tactics commonly used to cover tracks.
BitoPro had issued a vague “maintenance” notice the day after the hack, but did not confirm the theft until three weeks later. In a Telegram message, the exchange attributed the exploit to an old wallet that was compromised during a system upgrade. It claimed all user funds were safe and that operations remained fully functional.
A third-party cybersecurity firm is now helping track the stolen funds, and BitoPro has promised to share new wallet details to support transparency.
Meanwhile, the incident adds to a growing list of crypto breaches. In late May, the Cetus DEX was hit for $220 million, and Nervos Network lost $3 million just days ago. In both cases, stolen assets were laundered using Tornado Cash.
Security experts say access control failures remain one of the most pressing risks in Web3—and the pace of high-profile hacks shows no signs of slowing down.
Commentaries 
Fill in necessary fields and publish