Cyber Incident Victim: Bitrue
Date:
Jun 2019
Location:
China
Summary
Attackers exploited a vulnerability in a cryptocurrency exchange's risk control review process, compromising approximately 90 users and stealing 9.3 million XRP ($4 million) and 2.5 million ADA ($230,000) which were transferred to external platforms. The exchange swiftly detected the breach, suspended operations, and collaborated with receiving exchanges to freeze affected funds and accounts while initiating recovery efforts. Authorities were notified, and impacted users were assured full reimbursement through insured holdings as the platform conducted emergency system inspections to restore services. The incident reflects broader targeting of cryptocurrency exchanges by cybercriminals seeking high-value digital asset thefts.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On June 27, 2019, Bitrue cryptocurrency exchange disclosed a security breach in which attackers exploited a vulnerability in its Risk Control team’s second review process, enabling unauthorized transfers of digital assets. The incident impacted approximately 90 users, with attackers moving 9.3 million XRP (valued at roughly $4 million) and 2.5 million ADA (worth approximately $230,000) to external exchanges including Huobi, Bittrex, ChangeNOW, and EXMO. Bitrue detected the attack rapidly, temporarily suspending all platform activity to contain further losses. The exchange immediately notified the recipient exchanges to request freezing of the stolen funds and accounts involved in the transactions. Bitrue publicly acknowledged the breach via Twitter, providing initial details of the incident while assuring users that insured funds would be fully reimbursed.
Following containment, Bitrue initiated an emergency inspection of its systems to identify the root cause and restore operations securely. The exchange collaborated with Huobi, Bittrex, ChangeNOW, and EXMO to trace and block the illicit transactions, publicly thanking these partners for their assistance. Bitrue reported the incident to local law enforcement and solicited additional information from the public via email or social media channels. The company reiterated its insurance coverage for affected user holdings, committing to full financial recovery for all impacted individuals. This theft occurred amid a pattern of high-value cryptocurrency exchange breaches, with prior incidents affecting platforms such as Bithumb, Binance, Coinrail, Zaif, Coincheck, and Bitfinex. Bitrue’s public communications emphasized procedural remediation efforts but did not disclose technical specifics of the exploited vulnerability or long-term forensic findings.