Hackers Drain $300 Million from Japanese Crypto Exchange DMM Bitcoin

Japanese crypto exchange Bitcoin DMM has announced that it lost more than $300 million to hackers and is now enforcing restrictions to prevent additional leaks while it figures out what happened.

At approximately 1:26 pm on Friday, May 31, the exchange detected an unauthorized leak of Bitcoin to the tune of 48 billion yen, or around $305 million.

“We are still investigating the details of the damage, but the following is what we know at this stage,” the company said in a notice on its website. “We have already taken measures to prevent the unauthorized leak, but we have also implemented restrictions on the use of some services to ensure additional safety.”

The now-removed notice offered additional details about measures taken to prevent further hemorrhaging. Bitcoin DMM has commenced screenings for new account opening, processing of cryptocurrency withdrawals, suspension of buying orders for spot trading (only selling orders accepted), as well as suspension of new open positions for leveraged trading (only settlement orders accepted).

The firm says limit orders for spot trading and leveraged trading that have already been placed will not be canceled, but withdrawals of Japanese yen may take longer than usual.

“We will give you a separate notice regarding the resumption of service,” the notice said. “We deeply apologize for this incident and for the inconvenience and concern it has caused our customers.”

An analysis by cryptocurrency intelligence firm Elliptic reveals that the threat actors have split the stolen loot into multiple new wallets, which the firm is now tracking. According to Elliptic, if this turns out to be a heist, it would be the eighth-largest crypto theft of all time, and the largest since the $477 million hack of FTX in November 2022

Thefts like these occur either through software vulnerabilities or by exploiting holes in smart contracts.

A security engineer who specialized in reverse-engineering smart contracts and blockchain audits has recently been sentenced to three years in prison for hacking two decentralized cryptocurrency exchanges and stealing $12 million in digital coin.

According to the US Department of Justice, the 34-year-old attacked a decentralized cryptocurrency exchange and used fake pricing data to generate approximately millions worth of inflated fees, then withdrew those fees in digital currency.

Bitcoin DMM assures customers it will procure the equivalent of the stolen amount of Bitcoin with the support of its partners.