-
Notifications
You must be signed in to change notification settings - Fork 69
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
36 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| --- | ||
| date: 2021-08-28 | ||
| target-entities: Bilaxy | ||
| entity-types: | ||
| - Exchange | ||
| - Custodian | ||
| attack-types: Wallet Hack | ||
| title: "Bilaxy Exchange Suffers Security Breach with a Loss of $21 Million" | ||
| --- | ||
|
|
||
| ## Summary | ||
|
|
||
| On August 28, 2021, Bilaxy, a Seychelles-based centralized exchange, experienced a security breach, resulting in a loss of approximately $21 million. The attacker compromised Bilaxy's hot wallet and transferred roughly 300 tokens, including notable cryptocurrencies such as USDT, USDC, UNI, and Bilaxy Token(BIA), among others. As of August 16, 2023, the attacker still controls various tokens worth roughly $3,628,005. | ||
|
|
||
| ## Attackers | ||
|
|
||
| The identity of the attackers remains unknown. The funds were transferred to the following address: | ||
| - [0xa14d5da3c6bf2d9304fe6d4bc6942395b4de048b](https://etherscan.io/address/0xa14d5da3c6bf2d9304fe6d4bc6942395b4de048b) | ||
|
|
||
| ## Losses | ||
|
|
||
| The total loss from this security breach amounts to approximately $21 million. | ||
|
|
||
| ## Timeline | ||
|
|
||
| - **August 28, 2021, 06:19 PM UTC:** The [first malicious transaction took place](https://etherscan.io/tx/0x1c46175d138eb5be91c4c2e67e4a190058eba8298792e42b71674cf710d6a95e) with a transfer of 58 ETH. | ||
| - **August 28, 2021, 07:00 PM UTC:** The Bilaxy website was suspended for emergency maintenance. | ||
| - **August 29, 2021, 01:41 AM:** Bilaxy [announced the hack on their Twitter](https://twitter.com/Bilaxy_exchange/status/1431794222198181892) and advised against deposits. | ||
| - **August 30, 2021, 03:00 PM UTC:** Bilaxy provided a [detailed update on its Telegram channel](https://t.me/s/bilaxy_announcements?q=Updates+for+Bilaxy+ERC20+hot+wallet+hacked+incident), disclosing the timeline of the incident. | ||
| - **August 30, 2021, 03:08 PM UTC:** Bilaxy [released a statement on Twitter](https://twitter.com/Bilaxy_exchange/status/1432359586074226690) saying that only some tokens were affected and other native assets such as BTC or ETH were safe. | ||
| - **August 30, 2021, 03:26 PM UTC:** 200 ETH were laundered via Tornado Cash mixer in two transactions: [one](https://etherscan.io/tx/0x98efcfa24ab0c37a490e02d43d4b22d45565ef9b91fa40214de53407e21f739b), [two](https://etherscan.io/tx/0x194c25c2eedd006a8babc7a976b499e3d96ad3b9822b4691429a09a75d68735b) | ||
|
|
||
| ## Security Failure Causes | ||
|
|
||
| - **Private Key Compromise:** The attack was facilitated through a compromise of Bilaxy's hot wallet, allowing the attacker to gain control over various assets. | ||
| - **Insufficient Security Measures:** Bilaxy's lack of focus on security, insufficient blockchain monitoring, absence of two-factor authentication (2FA) in some layers of the protocol, and overall lack of transparency. |