Cyber Incident Victim: AscendEX
Date:
Dec 2021
Location:
Singapore
Summary
A cryptocurrency exchange suffered a security breach resulting in unauthorized transfers of approximately $77.7 million from its hot wallets across Ethereum, Binance Smart Chain, and Polygon blockchains. The platform confirmed cold wallet holdings remained secure and initiated asset transfers to those while halting operations to investigate. Response measures included engaging blockchain analytics firms, coordinating with law enforcement, and requesting other exchanges to blacklist associated theft addresses. The company committed to fully reimbursing affected customers and gradually restoring withdrawal functionality, starting with Ethereum, following infrastructure upgrades. No user funds were ultimately lost due to the reimbursement guarantee, though normal operations were temporarily disrupted during recovery efforts.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 2 motives | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 11, 2021, at approximately 5:00 PM EST, cryptocurrency exchange AscendEX detected unauthorized transfers originating from one of its hot wallets. The incident involved the theft of digital assets across three blockchain networks: Ethereum, Binance Smart Chain, and Polygon. Blockchain security firm PeckShield later quantified the losses at $77.7 million, with $60 million taken from Ethereum-based assets, $9.2 million from Binance Smart Chain, and $8.5 million from Polygon. The company confirmed its cold wallet storage systems remained uncompromised during the breach. Upon identifying the unauthorized transactions, AscendEX immediately initiated containment measures by transferring all remaining assets from affected hot wallets to cold storage to prevent further losses.
AscendEX engaged blockchain analytics firms to investigate the attack and trace stolen funds, while simultaneously notifying law enforcement agencies. The exchange contacted other cryptocurrency platforms to flag wallets associated with the theft for blacklisting. On December 15, 2021, AscendEX publicly committed to fully reimbursing all affected customers, stating that maintaining user trust was critical in the cryptocurrency ecosystem. The company began establishing new hot wallet infrastructure and planned phased resumption of services, starting with Ethereum withdrawals within two days. A security post-mortem report was promised for future release. The breach occurred shortly after AscendEX's $50 million Series B funding round in November 2021, which involved investors including Polychain Capital and Jump Capital. This incident joined a series of major 2021 cryptocurrency thefts, including the $200 million BitMart breach attributed to compromised private keys and the $140 million Vulcan Forged hack, both occurring within the same timeframe. AscendEX, serving over one million clients with $200 million average daily trading volume, maintained operations from its Singapore headquarters throughout the response.