Bilaxy

On August 28, 2021, Bilaxy, a Seychelles-based centralized cryptocurrency exchange, was struck by a devastating hack, losing approximately $30 million in 297 ERC-20 tokens, including USDT, USDC, UNI, and 1 billion HOGE ($141,000), from its hot wallet (0xcce8d59affdd93be338fc77fa0a298c2cb65da59), as reported by Merkle Science. Detected between 18:00-19:00 UTC, the attacker transferred funds to a single address (0xa14d5da3c6bf2d9304fe6d4bc6942395b4de048b), later funneling 200 ETH ($700,000) through Tornado Cash, per Etherscan. Bilaxy, with a $338 million daily trading volume per CoinMarketCap, suspended its website, halted deposits, and moved remaining assets to cold wallets, per Twitter (@Bilaxy_exchange).

The exchange faced criticism for delayed responses, lack of transparency, and no team member disclosure, per Reddit (r/CryptoCurrency). Bilaxy promised a two-week investigation with security audits and police reporting but provided sparse updates, per Telegram (@BilaxyOfficial). The hacker’s address retained 139.18 ETH ($491,636) and $10 million in tokens, per Merkle Science. One of 251 hacks in 2021 costing $3.2 billion, per Chainalysis, this breach, alongside Uranium Finance’s $53.7 million loss, exposed hot wallet vulnerabilities. In a crypto landscape resembling a digital Wild West, Bilaxy’s saga serves as a stark reminder: exchanges must fortify their defenses with real-time monitoring, multi-signature wallets, and transparent operations, or risk becoming cautionary tales in the blockchain’s unforgiving ledger.