Old Wallet, Big Loss: BitoPro Hit with $11.5 Million Crypto Theft

The stolen funds were taken from the exchange’s online wallets, commonly used to handle day-to-day transactions across Ethereum ETH $2,623.40 , Solana SOL $156.31 , Tron TRX $0.2680 , and Polygon MATIC $0.2187 networks.

BitoPro made no public announcement at the time. On May 9, BitoPro briefly paused operations for maintenance, which was resolved within a few hours. However, users reported being unable to withdraw USDT USDT $0.9955 .

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

How Do KYC & AML Work in Crypto? (Explained)

SUBSCRIBE

ON YOUTUBE

It was not until June 2 that BitoPro publicly acknowledged the breach. In a message posted on Telegram, the company explained that the incident happened during an internal update to its wallet system. While moving funds around, an older hot wallet was left exposed, which gave the attacker a chance to access the assets.

Additionally, blockchain analyst ZachXBT reported on June 2 that the stolen tokens were moved to decentralized exchanges, where they were swapped. From there, the funds were either mixed through Tornado Cash or sent through THORChain RUNE $1.67 to Bitcoin BTC $105,073.13 .

BitoPro has stated that its reserves are large enough to cover the loss and that users can continue to withdraw funds without restrictions. Trading services, deposits, and withdrawals have stayed online the whole time.

The company also mentioned that it has hired a blockchain security firm to track down the stolen funds.

On May 22, Cetus, a decentralized exchange (DEX), paused operations following a suspected $200 million exploit, with $63 million bridged to Ethereum. How did the attacker manage to pull it off? Read the full story.