BitoPro Silent on $11.5M Hack: Investigator Uncovers Massive Crypto Theft

Cryptocurrency investigator @zachxbt, while analyzing on-chain transactions, uncovered a suspicious movement of funds linked to the Taiwanese cryptocurrency exchange BitoPro. Approximately $11.5 million in stolen assets were reportedly sold through decentralized exchanges and subsequently laundered using various mixing services.

Initially, BitoPro informed its users only that the platform was temporarily offline due to maintenance. It wasn’t until @zachxbt disclosed key findings that BitoPro issued an official statement acknowledging the theft—raising concerns that the exchange had no intention of disclosing the breach unless external scrutiny forced its hand.

On June 2, BitoPro finally released an official announcement. The company wrote:

“BitoPro recently experienced a cyberattack on an old hot wallet during a wallet system upgrade. Upon detection, we quickly launched an emergency response, securing assets by moving them to new wallets and blocking the attacker. We’ve also engaged a third-party cybersecurity firm to investigate and track leads.

BitoPro’s virtual asset reserves are ample, and user assets remain completely unaffected. Since the incident, all deposit, withdrawal, and trading functions have continued to operate normally.

To show our commitment to asset security and transparency, we will soon disclose BitoPro’s new hot wallet addresses. The vast majority of our assets are securely held in offline cold wallets.

We’re continuously strengthening our security and wallet management. We appreciate your continued support and promise to maintain the highest standards for secure, stable services.“

While the exchange’s initial silence is troubling, the scale of the breach—though significant—is unlikely to threaten BitoPro’s solvency, suggesting that the platform will absorb the losses internally, leaving user funds unaffected. Nevertheless, in the realm of cryptocurrency, maintaining prompt and transparent communication is paramount. BitoPro should have disclosed this security incident immediately.

Related Posts:

• Operation Phantom Circuit: North Korea’s Global Data Exfiltration Campaign Unveiled
• 2,000 Computers Infected: Inside UAC-0027’s Devastating Ukraine Attack