CoinSpot, Australia’s largest crypto exchange with around 2.5 million customers, has reportedly been hacked for $2.4 million in a “probable private key compromise” over at least one of its hot wallets. Blockchain sleuth ZachXBT highlighted two transactions entering the alleged hackers wallet. According to blockchain security firm CertiK, the wallet’s owner bridged the funds to the Bitcoin (BTC) network via ThorChain and Wan Bridge.
Etherscan data shows a transaction of 1,262 Ether (ETH) — currently worth $2.4 million — came from a known CoinSpot wallet and entered the alleged hackers wallet. The owner of the wallet address then swapped 450 ETH for 24 Wrapped Bitcoin (WBTC) via Uniswap, followed by 831 ETH for Bitcoin via Thorchain. The Bitcoin was then distributed to multiple new wallets in smaller divisions.
In order to prolong the investigation process, attackers commonly use this tactic. CoinSpot is regulated by the Australian financial watchdog AUSTRAC and was granted an Australian Digital Currency Exchange License by the regulator. The exchange has yet to comment on the incident.