Cyber Incident Victim: Deribit
Date: Nov 2022
Location: Panama
Summary
A cryptocurrency exchange suffered a $28 million theft from its hot wallets holding BTC, ETH, and USDC. The company assured users that client funds remained secure because the majority were stored offline in cold wallets, and it covered the loss with its reserves. Withdrawals were temporarily suspended, and upon resumption, users were required to generate new deposit addresses because the old ones became invalid. The stolen funds were transferred to new addresses. The incident highlights the inherent risks of internet-connected hot wallets compared to more secure cold storage solutions. Blockchain analysts confirmed the incident contributed to broader crypto platform losses observed during the period.
Description
On November 1, 2022, cryptocurrency derivatives exchange Deribit suffered a security breach resulting in the theft of approximately $28 million from its hot wallets. The incident occurred just before midnight UTC, with the attacker compromising Deribit’s Bitcoin (BTC), Ethereum (ETH), and USD Coin (USDC) hot wallets. Blockchain security firm PeckShield identified the stolen assets as 9,080 ETH (valued at $14.2 million) and 691 BTC (worth $14.1 million). Deribit publicly confirmed the hack via Twitter on November 2, stating the breach was isolated to these three hot wallets and assuring users that client funds remained secure due to 99% of assets being held in offline cold storage. The company immediately halted withdrawals while investigating the incident and emphasized that its financial reserves would cover the losses, ensuring no operational disruptions.

Deribit initiated containment measures by quarantining the compromised wallets and announced plans to reopen withdrawals on November 2. As part of its response, the exchange required all users to generate new deposit addresses for BTC, ETH, and USDC, invalidating previous addresses to prevent further exploitation. Third-party custodial withdrawal services through Copper Clearloop and Cobo were reactivated promptly. Blockchain Intelligence Group analyst Bill Callahan confirmed the stolen funds had been moved to new addresses, underscoring the inherent risks of hot wallets compared to more secure cold storage solutions. The incident contributed to a broader trend of cryptocurrency thefts in 2022, with PeckShield noting October alone saw $760.2 million lost across 53 protocols, bringing the year’s cumulative losses to approximately $3 billion. Deribit’s transparent communication about fund recovery and operational adjustments concluded the immediate crisis, though the attack reinforced industry concerns about hot wallet vulnerabilities.
