Major Security Breach at BigONE Exchange: $27 Million Lost
In a shocking turn of events, cryptocurrency exchange BigONE has confirmed that it fell victim to a significant third-party attack, resulting in an estimated loss of $27 million. This breach occurred on Wednesday and highlights the vulnerabilities in security systems, raising alarms across the crypto community. Attackers allegedly exploited BigONE’s server logic through a supply chain manipulation to siphon off funds, a tactic that has growing implications for exchanges worldwide.
The Attack Unfolds: How It Happened
Initial reports from blockchain security firm SlowMist unveiled the extent of the breach, noting that BigONE’s production network had been compromised. According to their findings, the attackers made modifications to the operating logic of critical servers responsible for account management and risk controls, paving the way for unauthorized fund withdrawals.
🚨SlowMist TI Alert🚨The exchange @BigONEexchange was exploited due to a supply chain attack and loss exceeds $27 million. The production network was compromised, and the operating logic of account and risk control related servers was modified, enabling the attacker to withdraw… pic.twitter.com/GkxlNIUs6A— SlowMist (@SlowMist_Team) July 16, 2025
BigONE Responds: Assurances and Compensation
In the wake of the attack, BigONE has reassured its user base that all private keys remain intact and their assets are secure. The exchange has committed to covering the total losses incurred from this incident. In an official statement, they confirmed, “All user assets are safe. BigONE will fully bear all the losses. Trading and deposits will resume soon, while withdrawals will reopen following necessary security enhancements.”
The Intricacies of the Supply Chain Attack
So, what exactly does a supply chain attack mean in this context? Simply put, it signifies a breach that occurs through an indirect route — attackers exploit vulnerabilities in a third-party supplier’s infrastructure to gain access to the target system. In BigONE’s case, the malicious actors modified vital risk management functionalities, facilitating the theft of over $27 million, including approximately $4 million in Ethereum and various other cryptocurrencies, as reported by CertiK Alert.
#CertiKInsight 🚨 We have seen multiple large token outflows from 0xd4dcd2459bb78d7a645aa7e196857d421b10d93f that are related to the latest BigONE security incident.The exploiter now holds ~$4M in ETH and multiple other tokens (may not be liquidatable ) at… pic.twitter.com/qWM0rFfNbB— CertiK Alert (@CertiKAlert) July 16, 2025
Tracing the Hacker’s Footsteps
As investigations continue, BigONE is collaborating closely with the SlowMist team to trace the perpetrators and monitor fund movements. Reports indicate that the hacker has already begun maneuvering the stolen assets — with the swift movement of funds into cryptocurrencies such as TRX, BTC, ETH, and SOL. Tracking data shows the hacker made significant transactions, including the conversion of 120 Bitcoin valued at $14.15 million and large amounts of Tron and Ether.
Securing the Future: Measures in Place
In response to the attack, BigONE has activated its internal security reserves, encompassing major cryptocurrencies like BTC, ETH, USDT, SOL, and XIN, to manage compensation for affected users. They also highlighted ongoing efforts to secure external liquidity necessary for restoring the platform’s wallet and reinforcing its overall security posture.
Why This Matters: The Bigger Picture
This incident raises critical questions about the security protocols in place at cryptocurrency exchanges. Such attacks can undermine user trust and lead to significant financial losses not only for exchanges but also for individual investors. It serves as a stark reminder of the need for robust security measures and continuous monitoring, especially as the crypto market continues to evolve.
Expert Opinions: What Analysts Are Saying
Experts in the crypto security field are expressing concern over the implications of this attack. “Supply chain vulnerabilities are often overlooked in cybersecurity assessments,” says a hypothetical industry analyst. “Exchanges must prioritize security audits and create resilient strategies to defend against these sophisticated threats.” The consensus among analysts emphasizes that, moving forward, exchanges must adopt a more proactive stance on security.
Looking Ahead: Future Outlook
The fallout from this breach is expected to spark deeper discussions about the safety measures being implemented across the cryptocurrency landscape. As BigONE rolls out enhanced security protocols, the incident may prompt regulators to impose stricter guidelines on exchanges. Additionally, investors may become increasingly discerning about the platforms they choose to engage with, favoring those that demonstrate robust security practices.
Conclusion: Join the Conversation
The recent attack on BigONE is a wake-up call for all participants in the cryptocurrency ecosystem. What are your thoughts on the security measures in place at your exchange? Are you reassured by BigONE’s response to the situation? We would love to hear your opinion in the comments below!