XT.com crypto exchange loses 1M USDT in hack and suspends withdrawals to secure users’ funds

The XT.com exchange announced today that its wallet had been hacked and an ‘abnormal asset transfer’ had transferred out nearly $1M worth of USDT. XT confirmed that its users’ funds remained safe and unaffected, and only assets belonging to the exchange were affected. 

The Seychelles-based exchange said it had suspended all activity on its platform, including user withdrawals. XT added that immediate action was being taken and that countermeasures would be launched by mid-next month to ensure such an event does not reoccur.

XT says ‘abnormal assets transfer’ will not affect users’ funds

🚨 XT Statement on Abnormal Transfer of Platform Wallet Assets 🚨

Today, XT detected an abnormal transfer from our platform wallet. Rest assured, this will not affect our users. 💪

🔒 We always maintain reserves 1.5x greater than user assets to ensure maximum security.

Our… pic.twitter.com/SdEL75PxZF

— XT Exchange (@XTexchange) November 28, 2024

The XT.com exchange, ranked 23rd on Coingecko, released a statement today reporting that 1 million USDT had been ‘abnormally’ transferred from its platform’s wallet with the on-chain address: 0xdb3ded7731c. The exchange asked its users to remain calm, reassuring them that the hack did not affect their funds. XT confirmed that it always reserved 1.5x the users’ funds due to its user-centric approach to ensure ‘maximum’ security and zero losses for the users. 

The exchange added that its technical team was establishing the identities of the malicious actors and the destination of the stolen assets. XT said it remained committed to protecting its users’ assets. Freezing withdrawals and suspending other operations was one of its initial countermeasures. “All will be back to normal soon,” said the XT team. 

However, blockchain security company Peckshield claimed that the stolen assets had already been swapped for 461.58 ETH sitting in a wallet with the address 0xB43f…8F83.

The XT team disclosed that steps were underway to launch the Merkle Tree Asset Proof System by mid-December for even greater transparency and heightened security. 

Coingecko’s data showed that XT had over $47 million in reserves with a daily trading volume of over $3 billion. 

The XT hack marks a string of recent hacker attacks on CEXs

The XT malicious attack adds to a growing list of recent incidents facing CEXs. Today, a Microsoft blog exposed a group of North Korean hackers called ‘Sapphire Sleet.’ The group posing as venture capitalists and recruiters had managed to steal over $10 million worth of crypto in six months from unsuspecting individual and institutional investors and billions in the past decade.

In September alone, the BingX exchange lost $43 million, and Indodax lost about $22 million. On-chain data revealed that BingX had lost $43 million in multiple tranches, with ETH ($13M), BNB ($2.3M), and USDT ($4.4M), among others, being drained from the exchange. Viven Lien, CFO at BingX, announced that deposits and withdrawals had been suspended as data from Etherscan confirmed that the stolen loot had been swapped for ETH.

Indodax, on the other hand, lost over $22 million worth of ETH ($14M), TRX ($2.4M), BTC ($1.4M), and MATIC ($2.5M), among other smaller tokens. The platform also suspended all activities immediately after the hack.

Other major hacking incidents that made news this year include the loss of over $300 million worth of Bitcoin from the Japanese DMM exchange in May and the loss of over $235 million worth of tokens from the Indian WazirX exchange in July.

Land a High-Paying Web3 Job in 90 Days: The Ultimate Roadmap