Australian cryptocurrency exchange CoinSpot is grappling with a significant setback as approximately $2 million worth of Ethereum (ETH) has been lost in a suspected exploit. Founded in 2014, CoinSpot had not experienced significant hacks until now. However, the exchange’s users were targeted in a phishing attack in December 2021.
Blockchain investigator ZachXBT brought attention to the incident on Nov. 8 through his Telegram channel, revealing that two wallets associated with CoinSpot had been drained of more than 1,282 ETH in just five minutes.
ZachXBT’s investigation exposed two suspicious transactions leading to the alleged hacker’s wallet. The stolen funds were then bridged to the Bitcoin (BTC) network using THORChain and Wan Bridge.
CertiK Points to Possible CoinSpot Private Key Compromise
CertiK, a prominent blockchain security firm, suggests a potential compromise of a private key linked to one of CoinSpot’s hot wallets as the likely cause of the exploit.
The stolen funds, initially in ETH, were converted into wrapped Bitcoin (WBTC), USDC, and USDT using various smart contracts on platforms such as Uniswap, THORChain, and WBTC. Subsequently, the address executed a transfer, converting 831 Ether into Bitcoin via THORChain, and then spread the stolen Bitcoin across four different wallet addresses.
Analysis of BTCScan data revealed that the owners of the Bitcoin wallets systematically divided the funds into smaller portions, a common tactic employed by cyber attackers to impede tracking efforts.