BitMart

Hacked

Exchange · born 2017 · ✝ 2021

A hot-wallet key leak drained nearly $200M overnight.

BitMart was a centralized crypto exchange whose Ethereum and BSC hot wallets were emptied in December 2021 after private keys were compromised. The thief swapped stolen tokens for ETH and laundered them through Tornado Cash.

Peak: ~$196M stolen
Cause: Hacked
Year of death: 2021

☠️ Cause of death

Private keys for the exchange's hot wallets were compromised by an unknown method, letting an attacker transfer out hundreds of tokens across two chains.

📓 Lessons left behind

—Hot wallets should hold only operational float, not a treasury.
—Multisig and cold storage limit blast radius when a key leaks.
—Sign with HSMs and rotate signer access aggressively.

🌱 The idea that survived

Cold-storage segregation

Reinforced that exchanges must keep the bulk of customer assets offline behind multisig cold storage.

#exchange#custody#private-key#hot-wallet