Tweet author didn't thread tweets properly. Full 3-tweet sequence:
1/3 We have identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot wallets. At this moment we are still concluding the possible methods used. The hackers were able to withdraw assets of the value of approximately USD 150 millions. https://twitter.com/sheldonbitmart/status/146731625285522636...
2/3 The affected ETH hot wallet and BSC hot wallet carries a small percentage of assets on BitMart and all of our other wallets are secure and unharmed. We are now conducting a thorough security review and we will post updates as we progress.
https://twitter.com/sheldonbitmart/status/146731630643736166...
Hours in, seems the vulnerability was not yet patched but simply blue-checks had posting rights pulled. Only non-verified accounts have been posting the wallet key for a while now (search new to find them).
I know it's easy to judge from afar but I can't believe they're leaving the site up during this.
> The @SECGov twitter account was compromised, and an unauthorized tweet was posted. The SEC has not approved the listing and trading of spot bitcoin exchange-traded products.
> The @SECGov X account was compromised, and an unauthorized post was posted. The SEC has not approved the listing and trading of spot bitcoin exchange-traded products.
if you're talking about https://twitter.com/LukeDashjr/status/1609661811455819776, my guess is that he's either omitting something (eg. the cold wallet was internet connected, or there was a backup of its wallet floating around somewhere), or suffered a stuxnet level attack.
> We detected what we believe to be a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools.
It was social engineering, but still access to internal tools which made this bypass possible.
"Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again."
This is the earliest non-deleted tweet I've found referencing the bitcoin address (or rather, noticing that an account got hacked). It was sent at 12:23PM Pacific time (more than 1.5 hours ago): https://twitter.com/lawmaster/status/1283481418518208513
1/3 We have identified a large-scale security breach related to one of our ETH hot wallets and one of our BSC hot wallets. At this moment we are still concluding the possible methods used. The hackers were able to withdraw assets of the value of approximately USD 150 millions. https://twitter.com/sheldonbitmart/status/146731625285522636...
2/3 The affected ETH hot wallet and BSC hot wallet carries a small percentage of assets on BitMart and all of our other wallets are secure and unharmed. We are now conducting a thorough security review and we will post updates as we progress. https://twitter.com/sheldonbitmart/status/146731630643736166...
3/3 At this moment we are temporarily suspending withdrawals until further notice. We beg for your kind understanding and patience in this situation. Thank you very much. https://twitter.com/sheldonbitmart/status/146731636573223321...
reply