Cryptocurrency trading platform BitMart has identified a large-scale security breach related to one of its ETH hot wallets and one of its BSC hot wallets with the hackers able to withdraw assets valued at over $200m (£150m).

The company said that after an internal investigation on the attack – discovered on 5 December – the breach was allegedly caused by a stolen private key that had two hot wallets compromised, with CEO Sheldon Xia emphasising that “other assets with BitMart are safe and unharmed”.

“The affected ETH hot wallet and BSC hot wallet carries a small percentage of assets on BitMart and all of our other wallets are secure and unharmed,” he said.

The platform temporarily suspended withdrawals in the aftermath of the attack, announcing that withdrawal functions could be restored on 7 December.

—

BitMart response

In response to the incident the company said it completed initial security checks and identified affected assets to identify the cause of the attack. CEO Xia said that users will be entitled to compensation, without specifying the exact amount.

“BitMart will use our funding to cover the incident and compensate affected users. We are also talking to multiple project teams to confirm the most reasonable solutions such as token swaps. No user assets will be harmed,” he said.

“We are now doing our best to retrieve security set-ups and our operation. We need time to make proper arrangements and your kind understanding during this period will be highly appreciated.

“In terms of asset deposit and withdrawals, we are confident that deposit and withdrawal functions will gradually begin on December 7, 2021. The detailed timelines will be announced very soon. Thank you,” Xia added.