The post BigONE Hacked: Hacker Steals Over $27 Million Worth of Crypto appeared first on Coinpedia Fintech News A major crypto exchange has just faced one of its worst nightmares. Singapore-based cryptocurrency exchange BigONE was hit by a stealthy supply chain attack that allowed hackers to bypass its defenses without ever needing private keys. With over $27 million in assets drained, security teams are now racing to track the stolen funds. Here’s what happened. How The Hack Happened? According to an official statement from BigONE , the attack targeted its production network, compromising key servers responsible for account management and risk control. This allowed hackers to withdraw crypto assets, even though no private keys were stolen. The total loss is estimated at over $27 million, with funds taken from multiple wallet addresses. Blockchain security firm SlowMist, which is now helping track the attacker, confirmed that the breach was the result of a supply chain attack, one of the most dangerous and stealthy forms of cyber intrusion in the crypto space. SlowMist TI Alert The exchange @BigONEexchange was exploited due to a supply chain attack and loss exceeds $27 million. The production network was compromised, and the operating logic of account and risk control related servers was modified, enabling the attacker to withdraw… pic.twitter.com/GkxlNIUs6A — SlowMist (@SlowMist_Team) July 16, 2025 This means the hacker didn’t need to steal private keys (the passwords for crypto wallets). Instead, they found a weakness in the exchange’s systems and used it to access the hot wallet directly. Suspicious Wallet Movements Detected Tracking the movement of the wallet, blockchain security firm CertiK Alert first noticed strange activity from wallet address 0xd4d…d93f. This wallet was used to move out stolen tokens linked to the BigONE exchange hack. Later, the stolen assets were sent to another wallet, 0x0a3…05f4f, which now holds around $4 million in Ethereum (ETH) and many other tokens. The hacker didn’t just take ETH. The outflows also included SHIBA INU, CelerToken, and several small altcoins. This mix of assets makes the investigation more complex. Quick Action and Compensation Plan Soon after detecting suspicious activity in the hot wallet, BigONE’s team moved fast to contain the situation. BigONE has responded by saying they will cover any losses faced by users. For the time being, the attack path has been blocked, and further losses have been prevented. The platform reassured users that their private keys remain safe and intact. They are also doing a full review to improve their system’s safety before turning everything back on. Should I withdraw from BigONE? Following the recent security breach, BigONE has temporarily paused deposits, withdrawals, and trading services. The platform is currently working to restore its systems. Once that’s complete and new safety measures are in place, withdrawals will reopen. For now, users can’t withdraw funds, but BigONE has promised that all user losses will be fully covered and that funds remain safe. What happened in the BigONE exchange hack? In July 2025, Singapore-based crypto exchange BigONE was targeted in a sophisticated supply chain attack. Hackers breached its production network, compromising key servers without needing access to private keys. Over $27 million in assets were drained from hot wallets before the attack was contained. Was BigONE exchange hacked in July 2025? Yes, BigONE suffered a major security breach in July 2025 due to a stealthy supply chain attack. Blockchain firms like SlowMist and CertiK are now helping track the stolen funds, which include Ethereum, SHIBA INU, CelerToken, and more. How did hackers bypass private keys in the BigONE hack? The attackers didn’t need to steal private keys. Instead, they exploited vulnerabilities in BigONE’s production network using a supply chain attack. This allowed them to access internal systems and authorize withdrawals directly from the hot wallet. What is a supply chain attack in crypto? A supply chain attack in crypto occurs when hackers infiltrate trusted software, infrastructure, or third-party services used by a platform. Instead of attacking the platform directly, they manipulate dependencies to gain unauthorized access, making it one of the most difficult types of hacks to detect and stop.
