BigONE, a global cryptocurrency exchange, has confirmed a major security breach resulting in losses exceeding $27 million, following a supply chain attack on its infrastructure. The exploit, which occurred on July 16, targeted the exchange’s hot wallet through a third-party compromise, marking one of the latest high-profile incidents in the crypto sector.
The company is now working with blockchain security firm SlowMist to trace the attacker and track the movement of stolen funds across multiple blockchains, including Ethereum, BSC, Solana, Bitcoin, and Tron.
How the Attack Happened
Unlike many crypto hacks that involve stolen private keys, this breach exploited BigONE’s production network—the live server environment responsible for account and withdrawal logic. According to the company, the attacker infiltrated the server system and manipulated the operating logic that determines which withdrawals are approved. This allowed them to bypass traditional controls and approve fraudulent withdrawals without ever accessing users’ private keys.
By modifying internal withdrawal conditions, the attacker was able to quietly siphon funds without triggering immediate alarms. Once the breach was detected, BigONE quickly disabled deposits and withdrawals to prevent further damage.
What Happens Next
In response to the breach, BigONE activated its internal security reserves to stabilize operations and safeguard customer assets. The company emphasized that all private keys remain secure, and the vulnerability has been identified and contained.
To restore user functionality, the exchange is borrowing external liquidity to replenish affected wallets. This step ensures that trading and withdrawal functions can resume while maintaining on-chain balance.
“We’re working around the clock with SlowMist to trace the attacker and recover the assets,” the BigONE team stated. “We’re also implementing enhanced safeguards and will restore full service shortly.”
🚨SlowMist TI Alert🚨
— SlowMist (@SlowMist_Team) July 16, 2025
The exchange @BigONEexchange was exploited due to a supply chain attack and loss exceeds $27 million. The production network was compromised, and the operating logic of account and risk control related servers was modified, enabling the attacker to withdraw… pic.twitter.com/GkxlNIUs6A
A Broader Threat: Supply Chain Attacks in Crypto
This incident underscores the growing threat of supply chain attacks in the cryptocurrency space—where vulnerabilities in third-party tools or systems can lead to major breaches. These attacks are often difficult to detect, as they exploit trusted components within an organization’s tech stack.
While the full scope of the damage is still under review, this breach adds to a long list of recent incidents highlighting the need for multi-layered cybersecurity in an industry built on decentralized technology.
