Hotbit Exchange HACKED: Funds Are Safe, Network Vandalized - How Long Will It Be Offline?
[ UPDATE May 2nd - Information Provided By Hotbit ]
- CEO says they've passed a 3rd party security audit, and are now restoring trading servers.
- The restoration and deployment of system environment are still in progress, with approximately 40% of restoration finished
- Hotbit has also provided their cold storage wallet addresses for people to verify hackers did not gain access...
Cold wallet 1 0x2478332FE393BA40dDC9cAf8353a333fA64FDD3f
Cold wallet 2 0x2AcDb44596E2b6FFBBF62614C9aaD9CD04980248
Cold wallet 3 0x4e29B63A980C6e76F9f56EF123DA896f9F16ACe8
Cold wallet 4 0x8533a0bd9310eb63e7cc8e1116c18a3d67b1976a
Original article explaining what happened is below...
----------
Crypto exchange Hotbit was one of the exchanges that found themselves growing fast in users and daily volume as a result of this 2021 bull crypto market. But today all that has come to a halt.
The exchange announced hackers attempted to steal funds and failed, but they still decided to destroy their network.
The Good News: No Coins Stolen...
Hotbit says when the hackers attempted to break into their wallets "the attempt was identified and stopped by our risk control system" their statement continued "In this case, Hotbit team has shut down all services for inspection and restoration immediately".
But it seems these hackers were also... well...assh*les.
Upon seeing access to wallets had been completely cut off, the hackers threw a tantrum - seeking revenge they decided to destroy Hotbit's network. "Hotbit is about to exceed 2 million registered users and has a huge service system architecture of more than 200 servers online" says the exchange.
Hotbit says the ordeal ended with all users coin's safe and secure.
The Bad News: Users Could Be Locked Out For WEEKS...
While the hackers didn't get to their wallets, they did have full access to the database.
So, the concern is: how long were the hackers in the database? Has data before today's date possibly been tampered with?
In severe cases, hackers will leave themselves a backdoor into the database several days before the main hacking event. When a company restores what they believe is a clean copy of their database from a previous day, they're actually opening the door to them once again.
"According to HotbitThe attacker maliciously deleted the user database after failing to obtain assets. Although the database is routinely backed up , we are still uncertain whether the attacker has polluted data or not before the attack. Therefore, we also need to conduct a comprehensive inspection of the overall data."
Hotbit is brining in outside cyber security firms for the process, which they say will take a minimum of 7 days, and possibly up to 3 weeks.
Users Response...
Surprisingly, most user tweets were wishing them good luck, and praising the company's response thus far.
Of course, there's a few accusations of this being an exit scam, and some generally angry users. One tweet to the exchange says this process shouldn't take more than a couple days, and to 'fire the person' in charge of their severs if they're saying it will take weeks. Most of the angry tweets are about the duration they expect to be offline.
Hotbit says updates will be posted to their support page.
-------
Author: Adam Lee
Asia News Desk /