Bitrue

On April 14, 2023, Bitrue, a Singapore-based cryptocurrency exchange, suffered a hot wallet exploit, resulting in the theft of approximately $23 million in cryptocurrencies, including ETH, QNT, GALA, SHIB, HOT, and MATIC, as reported by Bitcoin News.

Detected at 07:18 UTC, the breach targeted a hot wallet holding less than 5% of Bitrue’s total funds, with the attacker swapping assets for 8,540 ETH and funneling some funds through Tornado Cash, per PeckShield.

Bitrue, with a $2 billion daily trading volume per CoinGecko, quickly halted the exploit, securing remaining wallets, and suspended withdrawals until April 18 for additional security checks, per Twitter (@BitrueOfficial).

The exchange committed to fully compensating affected users, though community backlash on Twitter (@vooidds) criticized a four-day delay in public disclosure.

Cyvers’ monitoring alerted Bitrue to the attack, per Cyvers.ai. No perpetrators were identified, and by April 2025, the hacker laundered $1.89 million via Tornado Cash, retaining control of 5,100 ETH, per posts on X. One of 295 crypto hacks in 2023 costing $2 billion, per Chainalysis, the incident, following GDAC’s $13 million loss, underscored hot wallet vulnerabilities, fueling calls for cold storage dominance, real-time monitoring, and robust access controls to secure exchanges.