BitoPro Exchange Hacked for $11.5 Million in Ethereum, Solana, and Other Cryptos

On May 8, 2025, Taiwan based cryptocurrency exchange BitoPro suffered a significant security breach, resulting in the loss of approximately $11.5 million, according to blockchain investigator ZachXBT. The incident, which involved unauthorized outflows from the exchange’s hot wallets across multiple networks, including Ethereum, Solana, Polygon, and Tron, has sparked concerns about the platform’s security measures and transparency.

ZachXBT, a prominent figure in onchain analysis, reported that the stolen funds were funneled through privacy-focused platforms such as Tornado, bridged to Bitcoin via Thorchain, and deposited into Wasabi, complicating efforts to trace the assets. The breach, which went unnoticed by the public for nearly a month, has raised questions about BitoPro’s response and communication with its users.

The hack was first brought to public attention by ZachXBT, who shared his findings on his Telegram channel today. Despite the severity of the incident, BitoPro remained silent for 25 days, failing to address the issue through its official communication channels until ZachXBT’s post gained traction. When concerned users raised the issue on BitoPro’s Telegram channel, an administrator responded at 2:51 p.m. local time, acknowledging the inquiries and promising a unified response. Hours later, at 5:12 p.m., BitoPro released an official statement in Chinese, confirming that the platform had been compromised during a wallet system upgrade and asset transfer operation.

BitoPro’s Response and Ongoing Investigation

In its statement, BitoPro outlined the steps taken in the wake of the breach. The exchange claimed to have activated an emergency response mechanism, transferring platform assets to a new wallet and blocking further hacker activities. Additionally, BitoPro engaged a third-party cybersecurity firm to investigate the incident and track related leads.

The company reassured users that no individual funds were affected, emphasizing its commitment to safeguarding client assets. However, the statement did not explain why the exchange delayed notifying users about the breach or provide specific details about the nature of the exploit. This lack of transparency has left many in the cryptocurrency community seeking clearer answers.

The incident shows the persistent challenges faced by crypto exchanges in securing digital assets against sophisticated hacks. As hackers continue to exploit vulnerabilities, the importance of robust security protocols and timely communication cannot be overstated. For BitoPro, the breach represents a critical moment to rebuild trust with its user base. The ongoing investigation by the cybersecurity firm may shed light on the methods used by the attackers and help prevent future incidents. For now, users await further updates as BitoPro works to address the fallout from this significant security lapse.