- Exchange AscendEX has promised to refund users after $77 million worth of tokens were stolen from its platform
- AscendEX has contacted other exchanges and publicized the addresses used by the hackers
- The exchange has handled the incident in a way that should be used as a template for other exchanges
The cryptocurrency exchange AscendEX, formerly called BitMax, has said that its cold wallets were not compromised in a hack on the platform over the weekend, and that any users that have suffered losses will be made whole. AscendEX suffered a hack thought to be worth in the region of $77 million on Saturday, with the exchange reporting that only its hot wallets were compromised, while other exchanges promised to assist in blocking or freezing assets related to the AscendES hack.
Hot Wallets Only Compromised
AscendEX first reported unusual activity late on Saturday, tweeting that it had “detected a number of ERC-20, BSC, and Polygon tokens transferred from our hot wallet”. The exchange the posted a tweet thread a few hours later detailing what it had learnt about the hack:
Update to Security Incident: On December 11 at approximately 22:00 UTC, AscendEX identified a number of unauthorized transfers from one of our hot wallets. A security response was initiated immediately. Cold wallets are unaffected and any impacted users will be reimbursed 100%
— AscendEX (@AscendEX_Global) December 12, 2021
After securing remaining funds, AscendEX reported the theft to local law enforcement and blockchain forensic firms and contacted other exchanges to warn them of the potential for stolen funds to enter their exchange. They also posted the addresses to which the funds were sent.
In the interim, blockchain security firm Peckshield broke down the denomination and valuation of the funds stolen, which amounted to $77 million worth of tokens:
Estimated loss @AscendEX_Global: $77.7M in total ($60M on @ethereum $9.2M @BinanceChain $8.5M @0xPolygon). Here is the list of the transferred-out assets and their amounts on @ethereum pic.twitter.com/VC4DKOwu4f
— PeckShield Inc. (@peckshield) December 12, 2021
AscendEX Response One of the Best Yet
The response of AscendEX has been a perfect example of how to handle such a breach, with users promised from the outset that their any losses would be made whole and that other funds had been moved to cold wallets for safety. AscendEX has also been very forthright about the activity and has shared all the necessary information with the community, something that not all exchanges do in such circumstances.
