Crypto exchange BigONE experienced a major security breach on July 16, 2025, resulting in losses exceeding $27 million. The attack occurred shortly after the platform completed a system-wide upgrade, with hackers exploiting vulnerabilities to alter server logic handling accounts and risk controls. This enabled unauthorized withdrawals from BigONE's hot wallet.
According to blockchain analytics firm Lookonchain, the attacker converted stolen assets into 120 BTC (~$14.15M), 23.3M TRX (~$7.01M), 1,272 ETH (~$4M), and 2,625 SOL (~$428K). Additional stolen assets included stablecoins and altcoins such as SHIB, DOGE, and UNI, though exact amounts weren't disclosed. Funds were laundered through multiple wallets post-theft.
BigONE assured users their assets remained secure and committed to covering all losses using internal reserves including BTC, ETH, USDT, SOL, and native token XIN. The exchange temporarily suspended withdrawals pending security enhancements, though trading and deposits were expected to resume within hours. Cybersecurity firm SlowMist confirmed no private keys or user credentials were compromised during the breach.
This incident highlights recurring security vulnerabilities during exchange upgrades, with blockchain investigator ZachXBT criticizing BigONE's alleged past involvement in scams. The hack has reignited discussions about centralized exchange risks and prompted calls for tighter regulatory oversight and improved security protocols industry-wide.