$28 Million Stolen From Deribit Hot Wallets

Reading Time: 2 minutes
  • $28 million has been stolen from the hot wallets of Bitcoin options platform Deribit
  • User funds are not affected and the company says it will cover the loss
  • No explanation has yet been offered as to how the hackers got in

Bitcoin options giant Deribit has been exploited and $28 million stolen from its hot wallets, the exchange announced this morning. The platform posted a message on Twitter to say that the hot wallets had been compromised but that customer funds were safe, with the company funding the shortfall, although it didn’t offer any early theories as too how the hackers accessed its hot wallets.

Users Funds Not Impacted

Deribit stated that the hack took place before midnight last night, but that only the hot wallets belonging to the exchange were compromised – client assets and any cold storage addresses were not affected, nor was Fireblocks, its digital asset custody, transfer and settlement platform.

The exchange explained that as company policy it keeps 99% of user funds in cold storage to limit the impact of events such as this, with the hackers restricted to Deribit’s BTC, ETH and USDC hot wallets.

Deribit has also halted withdrawals while increasing the number of confirmations on deposits, and is asking people not to send deposits for the moment in order to avoid a backlog.

No Hack Details Offered Yet

The company finished the tweet thread by saying that it was still in a “financially sound position” and that “ongoing operations will not be impacted”, reinforcing the message that user funds were not impacted and that the shortfall will be met by company reserves.

It seems too early to tell exactly how the hackers were able to gain access to the Deribit hot wallets, but situations like this often point to humans being the weak point, with a phishing attack or social engineering regarding a Deribit employee the most likely avenue at the moment, going from past experience.