In a shocking development, CoinSpot, a leading Australian cryptocurrency exchange, was reportedly hit by a cyber-attack, resulting in a loss of about $2.4 million. This breach is believed to be a consequence of a probable hot wallet key breach, according to blockchain security firm CertiK.
The incident was first identified by blockchain detective ZachXBT, who noticed two transactions moving into the alleged hacker’s wallet before transitioning to the Bitcoin network. CertiK confirmed the breach in a discussion with Cointelegraph.
Data from Etherscan showed a transfer of 1,262 Ether (roughly $2.4 million) from a CoinSpot wallet to the alleged hacker’s wallet. The receiver then made several transactions, swapping Ether for Wrapped Bitcoin (WBTC) on Uniswap, and later for Bitcoin on Thorchain, sending the Bitcoin to four separate wallets.
Information from BTCScan revealed the Bitcoin being spread across multiple new wallets in smaller amounts, a typical strategy to obstruct tracking of stolen assets.
CoinSpot, which serves approximately 2.5 million customers, is regulated by AUSTRAC and holds an Australian Digital Currency Exchange License.
