WOO X suffers $14 million breach affecting 9 users, halts withdrawals

WOO X suffered an authorized breach on July 24, resulting in the theft of roughly $14 million in crypto.

The exchange said it is investigating the “contained incident” and revealed that the breach resulted in unauthorized withdrawals from nine user accounts. The exchange has paused withdrawals as a precaution.

It added in its statement that it has already contacted the affected users and intends to reimburse them fully.

$14 million stolen through different tokens

Roughly 20 minutes later, the company reiterated that nine accounts were affected, emphasized that many attempted withdrawals had been blocked once the issue was detected, and repeated its commitment to cover all losses.

About an hour after the initial alert, WOO X updated the tally to $14 million and published six addresses that it claimed belonged to the exploiter. 

As of press time, the exchange did not provide further technical details on how the attacker gained access to the accounts or when withdrawals would be restored.

Around an hour after WOO X’s first announcement, Cyvers Alerts reported detecting more than $12 million in suspicious flows involving the exchange across Bitcoin, Ethereum (ETH), BNB Chain, and Arbitrum. 

According to Cyvers, 1 ETH address received $1 million in USDT from a WOO hot wallet, swapped it to ETH, and later moved $7.3 million to a new address. 

On BNB Chain, 5 BTCB were received from WOO, converted to BNB, and transferred to another brand-new address.

WOO X said it will provide another update once withdrawals are re-enabled. 

For now, the company assured users that the incident was limited to a small set of accounts that held a significant amount of crypto, and pledged to release more details about the attack vector and the timetable for restoring full platform functionality.

The post WOO X suffers $14 million breach affecting 9 users, halts withdrawals appeared first on CryptoSlate.