6-6-2025 – In a major cybersecurity breach, Taiwan-based crypto exchange BitoPro has confirmed a cyberattack on 8 May, resulting in the loss of over $11 million from an outdated hot wallet. The attack was first flagged by blockchain sleuth ZachXBT, revealing once again the persistent vulnerabilities plaguing the digital asset sector.
Attack targeted legacy infrastructure during wallet upgrade
The incident occurred during a routine wallet upgrade, during which a legacy hot wallet was compromised. BitoPro acted quickly to contain the damage, transferring user funds to new secure wallets and cutting off the attacker’s access. The platform has since fully replenished the stolen assets from its reserves, ensuring no customer funds were affected.
A company spokesperson noted that trading, deposits, and withdrawals have remained unaffected throughout the incident, highlighting the robustness of the platform’s operational safeguards.
Cybersecurity firm engaged; New wallet addresses incoming
To prevent future breaches and reinforce transparency, BitoPro has enlisted a top-tier cybersecurity firm to conduct a comprehensive investigation. The exchange also intends to publish updated hot wallet addresses shortly and reiterated that the majority of assets are secured in cold storage, beyond the reach of online attackers.
This approach reflects an industry best practice, as cold wallets remain one of the strongest defences against exchange-targeted hacks.
Funds laundered via DEXs, privacy mixers
According to ZachXBT’s analysis, the stolen assets were swiftly laundered through a mix of decentralised exchanges (DEXs) and privacy-enhancing tools. The attacker eventually channeled the funds into Wasabi Wallet, a Bitcoin mixing service known for obfuscating transaction trails—making asset recovery highly complex.
BitoPro remains a regional crypto pillar
Launched in 2018 under BitoGroup, BitoPro plays a pivotal role in Taiwan’s crypto trading ecosystem. The platform regularly facilitates over $20 million in 24-hour trading volume, serving retail and institutional users seeking to trade major cryptocurrencies against the Taiwanese dollar (TWD).
Despite the breach, BitoPro’s swift response and proactive communication have helped stabilise user trust. The exchange’s collaboration with cybersecurity experts signals a strengthened commitment to security in a sector where breaches remain an ongoing threat.
