🚨 BigONE Hacked: $27M Stolen and Swapped into BTC, TRX, ETH, and SOL 💸🕵️‍♂️🔒

Crypto’s Latest Heist: BigONE Loses $27M in a Sneaky Supply Chain Attack

Crypto fam, hold onto your wallets—another exchange just got hit, and it’s a doozy. On July 16, 2025, Singapore-based BigONE, a solid mid-tier exchange with $728M in trading volume, was hacked to the tune of over $27 million. The thieves didn’t just grab the loot and run—they swapped the stolen assets into Bitcoin (BTC), TRON (TRX), Ethereum (ETH), and Solana (SOL), scattering them across blockchains to dodge the heat. This wasn’t your run-of-the-mill hack, either—it was a slick supply chain attack that’s got the crypto world buzzing. Let’s break down the chaos, figure out how it happened, and talk about what it means for the industry. Pour yourself a coffee, and let’s dive in!

The Heist: A Masterclass in Stealth

Imagine this: you’re an exchange with a fortress of security, but someone sneaks in through a hidden backdoor. That’s exactly what happened to BigONE. The hackers exploited vulnerabilities in the exchange’s production network, targeting servers that handle account management and risk controls. Instead of cracking private keys (the usual crypto heist playbook), they manipulated the server logic to bypass defenses and drain the hot wallet like it was an open bar.The stolen haul was a crypto smorgasbord, totaling over $27M:

• 120 BTC (~$14.15M)
• 23.3M TRX (~$7.01M)
• 23.3M ETH (~$4M)
• 2,625 SOL (~$428K)
• Plus a grab bag of tokens: 8.5M USDT (across TRC20, ERC20, BSC, and Solana), 9.7B SHIB, 538K DOGE, 20,730 XIN, 4.3M SNT, 15.7M CELR, 16,071 LEO, and 25,487 UNI.

The hackers moved like pros, converting the assets into BTC, TRX, ETH, and SOL to make tracing a nightmare. Blockchain security firms SlowMist and CertiK are hot on their trail, tracking wallets like:

• Ethereum/BSC: 0x9Bf7a4dDcA405929dba1FBB136F764F5892A8a7a
• Bitcoin: bc1qwxm53zya6cuflxhcxy84t4c4wrmgrwqzd07jxm
• Solana: HSr1FNv266zCnVtUdZhfYrhgWx1a4LNEpMPDymQzPg4R
• TRON: TKKGH8bwmEEvyp3QkzDCbK61EwCHXdo17c

Some funds have already hit decentralized exchanges (DEXs) and mixers, complicating recovery efforts. X users like @lookonchain spotted the activity early, warning that the hackers might try to launder the funds through privacy protocols.

How’d They Pull It Off?

This wasn’t a brute-force job—it was a supply chain attack, one of the sneakiest tricks in the hacker playbook. Unlike direct attacks on wallets or keys, supply chain attacks target third-party services or software that an exchange relies on. In BigONE’s case, the hackers infiltrated the production network, messing with the servers that control account balances and risk checks. By tweaking the logic, they could move funds without triggering alarms, all while staying under the radar.

This kind of attack is rare but brutal. It’s like poisoning the water supply instead of breaking into someone’s house. Yehor Rudytsia from Hacken, a blockchain security firm, called it “a wake-up call for exchanges to secure their entire supply chain, from third-party vendors to CI/CD pipelines.” BigONE’s team caught the “abnormal movements” quickly and shut down the attack path, but not before the hackers made off with the $27M haul.

BigONE’s Response: Damage Control Mode

BigONE’s not going down without a fight. The exchange issued a statement promising to cover the full $27M loss using its internal reserves (BTC, ETH, USDT, SOL, and XIN) and external borrowing for less liquid tokens like SHIB and CELR. They’ve assured users that account balances are safe and won’t be impacted, which is a bold move to restore trust. Trading and deposits are expected to resume soon, but withdrawals are on ice until security upgrades are complete.

The exchange is working with SlowMist to trace the stolen funds and has shared the hackers’ wallet addresses for community tracking. BigONE’s hot wallet, which held over $23M, was the main target, but the exchange claims its $91M in total assets (per DeFiLlama) gives them enough firepower to absorb the hit. They’re also promising regular updates to keep users in the loop—a rare dose of transparency in the wild world of crypto.

That said, not everyone’s singing their praises. Blockchain sleuth ZachXBT dropped a bombshell on X, pointing out that BigONE has processed volume tied to pig butchering, romance, and investment scams in the past. Some users, like @CryptoVigilante, are calling out the exchange’s shady history, questioning whether this hack could’ve been an inside job or a consequence of lax oversight.

The Crypto World Reacts

X is ablaze with reactions. Posts from @lookonchain and @cryptothedoggy broke the news, with @blockchain_guru calling it “the biggest exchange hack of 2025 so far.” Others, like @DeFiDefender , noted that the mix of stolen tokens—especially illiquid ones like SNT and CELR—could make it tough for hackers to cash out without crashing those markets. “They’ll need to move slow or risk getting caught,” one user tweeted.

The hack’s also reignited debates about centralized exchanges (CEXs) versus decentralized ones (DEXs). CEXs like BigONE are juicy targets because they hold massive liquidity, but their centralized nature makes them vulnerable. Some X users are urging folks to switch to DEXs or self-custody, with @HodlHard tweeting, “Not your keys, not your crypto. When will people learn?”

Crypto’s Ongoing Security Saga

This hack is just the latest chapter in crypto’s never-ending battle with bad actors. In 2025 alone, over $2.1B has been stolen from crypto platforms, with Bybit’s $1.5B loss to North Korean hackers in March setting a grim record. Other notable heists include KuCoin’s $275M hack in 2020 and Binance’s $570M cross-chain bridge exploit in 2022. But supply chain attacks, like BigONE’s, are a new frontier. They’re harder to detect and prevent, as they exploit trusted third parties rather than the exchange itself.

The BigONE hack highlights a growing trend: hackers are getting smarter. Instead of phishing keys or brute-forcing wallets, they’re targeting infrastructure vulnerabilities. Experts like @CyberSecGuru on X warn that exchanges need to overhaul their security, from auditing third-party vendors to implementing real-time anomaly detection. Meanwhile, the crypto community’s left wondering: how many more hacks before the industry gets it right?

What’s Next for BigONE and the Industry?

BigONE’s got a tough road ahead. Covering $27M in losses is no small feat, and restoring user trust will be even harder. The exchange is upgrading its security, likely adding stricter CI/CD pipeline checks and automated incident response systems. If they can deliver on their promise to make users whole, they might come out stronger. But any missteps—like delays in reimbursements or more scam allegations—could send users running to competitors.

For the hackers, the clock’s ticking. Blockchain’s transparency means every move is traceable, and firms like SlowMist and CertiK are relentless. Still, with funds spread across BTC, TRX, ETH, and SOL, and some already hitting DEXs and mixers, recovery’s a long shot. The hackers might try to launder through privacy coins like Monero or cross-chain bridges, but the crypto community’s watching closely.

For the broader industry, this is a gut check. Exchanges need to prioritize supply chain security, and users need to get serious about self-custody. Hardware wallets, multisig setups, and avoiding custodial accounts without insurance are the way to go. As @CryptoSensei put it on X, “In crypto, you’re your own bank. Act like it.”

Stay Sharp, Stay Safe

The BigONE hack is a stark reminder that crypto’s still the Wild West. With $27M swapped into BTC, TRX, ETH, and SOL, the hackers are playing a high-stakes game of cat-and-mouse. BigONE’s fighting back with transparency and a promise to cover losses, but the incident underscores the risks of centralized exchanges and the need for ironclad security.

What do you think—will BigONE recover, or is this a sign of bigger cracks in the system? Should we all be moving to DEXs or cold storage? Drop your thoughts in the comments, and let’s keep the convo going. In the meantime, keep your keys offline, your 2FA on, and your eyes peeled for the next crypto plot twist. Stay safe, fam!

Sources:

• ainvest.com
• beincrypto.com
• bitcoinethereumnews.com
• coinpedia.org
• cointelegraph.com
• coindesk.com
• X posts