Original source: Beosin
Recently, the cryptocurrency exchange BTCTurk announced that it was attacked by hackers, with multiple on-chain hot wallets experiencing abnormal outflows of over 48 million dollars. The Beosin security team analyzed the incident and tracked the funds, sharing the results as follows:
Currently, the hot wallet addresses from which funds were transferred are as follows:
0xde2faca4bbc0aca08ff04d387c39b6f6325bf82a
0x2cea0297bfb1b55ff37126b677d78e2b1fd2e856
0xb5a46bc8b76fd2825aeb43db9c9e89e89158ecde
Involved chains include Bitcoin, Ethereum (ETH), Avalanche (AVAX), Arbitrum (ARB), Base (BASE), Optimism (OP), and Polygon (POL).
Currently detected hacker relay addresses are as follows:
0xa041feb3a8297c5689fee180083164a061a17fd6
0xb4b537626e21df5386cf167d1e654b38785056cc
0x7d91d1ebeba91257733a523409125aedac5d8b6e
Using the Beosin Trace tool to track the stolen funds, the following flow chart of the main stolen funds on the EVM chain and Bitcoin chain can be obtained:
Beosin Trace EVM chain fund analysis chart
Beosin Trace Bitcoin chain fund analysis chart
Currently, the reason for the attack on BTCTurk's hot wallet has not been disclosed. Investigations need to be conducted on various aspects such as internal operational security of the exchange, security of signing devices, management of mnemonic phrases, and security of the signing environment. Similar security incidents at exchanges have occurred multiple times before, such as the theft of over 1.44 billion dollars, the largest security incident in the crypto field - Bybit incident panoramic chain tracking analysis and Beosin | Analysis of the 235 million dollar theft incident at Indian exchange WazirX.
Exchange security remains a significant challenge in the Web 3 ecosystem, requiring continuous efforts and cooperation from exchanges, security companies, regulatory and law enforcement agencies. Beosin Trace has added the hacker-related addresses from this incident to the blacklist and will continue to track them.
免责声明:本文章仅代表作者个人观点,不代表本平台的立场和观点。本文章仅供信息分享,不构成对任何人的任何投资建议。用户与作者之间的任何争议,与本平台无关。如网页中刊载的文章或图片涉及侵权,请提供相关的权利证明和身份证明发送邮件到support@aicoin.com,本平台相关工作人员将会进行核查。
