BigONE has suffered a devastating security breach, with hackers managing to drain over $27 million in assets within just minutes. The attackers moved quickly, executing cross-chain swaps across four major blockchains, leaving users in shock and traders uneasy.
Swapped Into:
- 120 BTC (~$14.15M)
- 23.316 million TRX (~$7.01M)
- 1,272 ETH (~$4M)
- 2,625 SOL (~$428K)
Involved Wallets:
- BTC: bc1qwxm53zya6cuflxhcxy84t4c4wrmgrwqzd07jxm
- TRX: TCAfB8jHbJ56xwmfwKwWEs8HLRjbC2GfHG
- ETH: 0x0A360bD648EB86613961a2AA41dC1610c5305F4F
- SOL: 7RWHQ7ujSFwokAPkAhHTdiPxRF2LmqrvgYEqDiAjLxdH
Late yesterday, BigONE’s internal systems flagged unusual withdrawal activity. The team responded within minutes by suspending all deposits. However, by that time, the hackers had already gained control of the platform’s hot wallets. In a rapid series of transactions, they extracted millions in crypto.
The attackers didn’t stop there. They immediately fragmented the stolen funds, pushing them through a mix of bridges and decentralized exchanges (DEXs). Assets were quickly swapped, some converted to privacy coins to obscure the trail. Each transaction happened almost instantly, making it difficult for investigators to keep up.
🚨SlowMist TI Alert🚨
The exchange @BigONEexchange was exploited due to a supply chain attack and loss exceeds $27 million. The production network was compromised, and the operating logic of account and risk control related servers was modified, enabling the attacker to withdraw… pic.twitter.com/GkxlNIUs6A
— SlowMist (@SlowMist_Team) July 16, 2025
Blockchain analysts and on-chain sleuths wasted no time mapping the hacker’s four wallet addresses. All of them showed rapid, high-volume activity.
- The BTC address funneled all 120 BTC (about $14.15M) into a mixing service.
- The TRX wallet scattered over 23 million TRX across multiple accounts in a deliberate obfuscation attempt.
- The ETH wallet deployed 1,272 ETH via smart contracts to disperse funds.
- The SOL stash routed 2,625 SOL through the Serum DEX.
Investigators have tagged each transaction, and screenshots of the movement are being widely shared on social media. Despite privacy measures, many of the hacker’s steps remain visible on-chain, allowing ongoing surveillance.
BigONE Responds, Promises Full Reimbursement
BigONE moved quickly to reassure its community. In a bold statement, the exchange promised to fully cover all user losses. They confirmed that insurance reserves would be used, and all withdrawals would remain paused until critical upgrades are completed.
They’ve brought in external auditors, hardened their security infrastructure, and isolated hot wallets into secure enclaves. A full audit roadmap has been shared publicly, and white-hat hackers have been invited to test the new systems.
“We stand by our users. We will cover every cent lost. Security upgrades are nearly complete. Thank you for your continued trust and patience,” BigONE said in a pinned post on X.
The response has drawn mixed reactions. Some in the community applauded the fast, transparent action and the guarantee of reimbursement—a rare move in the crypto world. Others remain skeptical, questioning how such a breach occurred and whether user funds are truly safe moving forward.
Regulatory agencies across multiple jurisdictions have begun coordinating their responses. Interpol, U.S. regulators like the SEC and FinCEN, and Asian watchdogs have all requested logs and incident reports from BigONE. These cross-border investigations highlight the complex legal landscape that continues to challenge crypto enforcement.
Meanwhile, bridges and DEX platforms are tightening their KYC checks, and several protocols are revisiting on-chain AML safeguards. Conversations across the community are intensifying—particularly around the trade-off between convenience and custody.
Key Takeaways:
- Hot wallets remain a critical risk, even for major exchanges.
- Real-time audits and responsive monitoring are essential.
- Clear, transparent insurance policies help rebuild trust.
- Privacy tools make asset tracing more difficult—but not impossible.
The wallets used in this attack are still being tracked, and any further movement could provide clues—or expose vulnerabilities. While BigONE’s recovery plan offers reassurance, the crypto world is once again reminded of the high stakes involved.
Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.
Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news!
