As reported by the exchange itself, Eterbase suffered an attack that hit its hot wallet, which forced the platform to close temporarily to resolve the problem.
Dear users, the exchange is currently in maintenance mode because our hot wallets were compromised last night:https://t.co/XWZZoWxLd0
Sorry for the inconvenience and please have some patience untill we solve the issue.
— ETERBASE (@ETERBASE) September 8, 2020
From what can be gathered, the attack involved 6 different crypto assets. To be precise we are talking about:
- Around $4 million in Ethereum (ETH) and various ERC20 tokens;
- Over $45,000 worth of Tron (TRX);
- Almost half a million dollars in Tezos (XTZ);
- Over 100 thousand dollars in Bitcoin (BTC);
- Over 400 thousand dollars in Algorand (ALGO);
- Over 300 thousand dollars in Ripple (XRP).
The exchange has provided the addresses of the hot wallets from which it is possible to see how more than $5 million has been stolen from them, which will now cause problems for both the platform and the users.
All major exchanges have been alerted and the incriminated addresses are blacklisted, so as soon as the funds are moved, they can be frozen and maybe even traced back to the culprits.
In detail, the hacked addresses are:
- Ethereum: 0x7860F7b2874e77E80bE0fC6EbfB9414f89781aD9;
- Tron: TPdhhbCHqXzrDyUiQnHApS7VL2UxB8Qhna;
- Tezos: tz1hnoxVgc8Z1DUa6D18EUkPCXmNbaHwmLRc;
- Algorand: PDVFO5SDJMOJ6MC7KAD27DDGQ5YQD4IUTDJR2QRCPENT5A5T6CGT2VAAEI;
- Ripple: rNwgkFj6QadEXUyS1jgTD2XEsi8HanKzDX;
- Bitcoin: 1ANLZZ2YFGumRXaD3EMii92zWQgvX2CK9c.
Unfortunately, all the ETH have already been laundered in various decentralized protocols such as Uniswap, so they can now be considered lost. Moreover, the ETH constitute the biggest amount of money stolen from Eterbase by these criminals.
Not only Eterbase: recent attacks on exchanges
In July, the 2gether app had also been hacked, as criminals had managed to steal more than a million dollars in crypto.
The Eterbase affair, however, teaches us once again that the reliability of centralized exchanges is not something certain and the fact that everything is in the hands of a company can have repercussions in handling a loss of this magnitude.
In fact, the advice when using a centralized platform is always to never leave the funds there but to withdraw them and put them on a proprietary non-custodial wallet.