BigONE Hack: Crypto Exchange Loses $27M in Third-Party Attack — Vows Full Compensation

Crypto exchange BigONE confirmed a major security breach on July 16, disclosing that a third-party attack targeted its hot wallet infrastructure, leading to an estimated loss of $27 million. The attack was detected through real-time monitoring systems that flagged abnormal asset movements.

“Upon investigation, it was confirmed to be the result of a third-party attack targeting our hot wallet,” BigONE stated.

Despite the breach, BigONE assured users that all private keys remain secure, and the attack path has been contained to prevent further losses.

Stolen Assets Include Bitcoin, Ether, USDT, and More

The attack resulted in the loss of a wide range of assets, including:

120 BTC (~$14.2 million)
350 ETH (~$1.1 million)
Millions in USDT across multiple chains
Other tokens including CELR, SNT, and SHIB

BigONE has since partnered with blockchain security firm SlowMist to trace the hacker’s wallet addresses and monitor the flow of the stolen assets.

In an effort to maintain user trust, BigONE pledged to fully cover all losses resulting from the breach. The exchange has activated its internal security reserves — including BTC, ETH, USDT, Solana (SOL), and Mixin (XIN) — to begin restoring impacted funds.

“For other affected mainstream and non-mainstream tokens, we are actively securing external liquidity through borrowing mechanisms,” the exchange added.
How the Hack Happened: A Breakdown

A separate report from blockchain security firm Cyvers revealed deeper insights into the breach. According to Cyvers, the attacker exploited the exchange’s production network, likely through a compromised CI/CD pipeline or server management channel.

The attack involved:

Deployment of malicious binaries to account-operation servers
Initial theft of 350 ETH
Rapid expansion to other assets including BTC, Solana, and Tron
Consolidation of stolen assets into a single wallet address

The hacker later converted funds into WETH/ETH, suggesting plans to mix or launder assets via decentralized exchanges.

Cyvers also identified critical vulnerabilities in BigONE’s infrastructure, including:

Single-point failure in hot wallet management
Lack of code integrity controls
No pre-transaction validation

Weak network segmentation between development and wallet-management systems
These gaps significantly increased the platform’s susceptibility to sophisticated exploits.

Broader Implications: A Growing Trend

This incident comes just one day after another DeFi platform, Arcadia Finance, suffered a $3.5 million exploit on the Base blockchain. According to Cyvers, total losses from hacks and exploits in 2025 have already exceeded $2.47 billion, a slight increase over 2024’s $2.4 billion.

The BigONE breach underscores the ongoing vulnerability of centralized platforms, even those with established security frameworks. While the exchange’s commitment to cover losses may mitigate short-term damage, the incident raises fresh concerns about the need for robust code audits, segmented architecture, and better hot wallet isolation across the industry.