BtcTurk Hack

In June 2024, BtcTurk, a major Turkish cryptocurrency exchange, experienced a substantial security breach targeting ten of its hot wallets, resulting in the theft of approximately $55 million in digital assets.

The attackers likely exploited compromised private keys to gain unauthorized access and siphon funds. Fortunately, the majority of BtcTurk’s assets, which were secured in cold wallets, remained unaffected.

The breach had market implications, notably contributing to a decline in the price of Luna Classic as large volumes of stolen tokens were dumped. In response, BtcTurk promptly suspended deposits and withdrawals to assess the situation and confirmed that no customer funds were impacted, as the exchange absorbed all losses.

Binance joined the investigation efforts, successfully freezing over $5.3 million—about 10% of the stolen funds—on its platform. Blockchain investigator ZachXBT suggested a potential link between the BtcTurk hack and a separate attack on the online casino Sportsbet, which reported a $3.5 million loss shortly thereafter.

The incident highlights the ongoing threat posed by compromised private keys, often due to phishing attacks, poor key storage, or malware. While BtcTurk’s reliance on cold storage helped limit the damage, the hack underscores the urgent need for stronger hot wallet protections and improved key management protocols across the industry.