Chinese crypto exchange, Hotbit, has shut down all of its services after suffering a cyberattack on Thursday.
The cryptocurrency exchange with over 2 million users worldwide announced that it suffered an attack that forced some of its services to paralyze as the attached tried to access the exchange’s wallets.
“Hotbit just suffered a serious cyber-attack starting around 08:00 PM UTC, April 29, 2021, which led to the paralyzation of a number of some basic services,” a notice on the platform’s website reads.
The Attack Was Unsuccessful
Although the hackers did not have access to the wallets, they did have complete control over the database. As a result, the Hotbit team has advised customers to disregard any communication from entities claiming to be representatives of the exchange.
So, the question is: how long did the hackers have access to the database? Is it possible that data from before today’s date has been tampered with?
In the most extreme situations, hackers will create a loophole into the database several days before the main attack. When an organization recovers what they consider to be a clean copy of their database, they are essentially reopening the door to them.
Regarding the recovery period, the exchange expects it to take about 7-14 days, emphasizing that it “is expected to be no less than 7 days.” Furthermore, “The estimated time of recovery will be more as all things going on.”
The exchange shared additional information regarding affected orders and products:
Leveraged ETF products are not suitable for long-term holding and therefore Hotbit will be fully responsible for all losses suffered by the position-holder during the maintenance period.
Your Open Orders on Hotbit will be canceled when the system is restored to avoid unintended trading losses.
All daily routine income distributions (such as investment products, current products and FIL cloud computing power ) will be paid out after the maintenance is completed.
Addressing users on the exchange’s Telegram group, Alex Zhou, chief security officer of Hotbit, revealed that user funds were unaffected by the attack, stating: “The attacker tried to break into the wallet server to steal funds but the action was identified and blocked successfully by Hotbit risk control system. All users’ funds are safe.”
“At the same time, Hotbit is in the process of transferring all funds in hot wallet to cold wallet, the details of the whole integration could be seen on the chain,” he added.
Multiple token outflows from one of Hotbit’s customers wallets to another address that currently holds around $14 million in many altcoins, according to data from Ethereum transaction monitoring tool Etherscan.
Users Response To Attack
Surprisingly, the majority of user tweets wished them luck and praised the company’s response to the attack so far.
Of course, there have been some claims that this is an escape scam, as well as some generally unhappy users. One tweet in response to the exchange says that this phase should take no longer than a few days, and that if they say it will take weeks, they should “fire the guy” in charge of their servers. The majority of the irate tweets are about how long they expect to be offline.
Last month, two big Turkish exchanges went offline, with their executives fleeing with millions of dollars in customer funds. Both events resulted in a flurry of arrests by law enforcement authorities, as well as government efforts to set up a central custodian bank for cryptocurrency exchanges in Turkey.
Hotbit is currently giving daily updates on the development on their site.