Cryptocurrency exchange AscendEX, formerly known as BitMax, has become the latest victim in a string of high-profile crypto heists after confirming a security breach on December 11, 2021, that resulted in the loss of approximately $77.7 million in digital assets. The attack, which targeted the exchange’s hot wallets across multiple blockchain networks, marks the third major crypto hack in less than two weeks and raises renewed questions about the security of centralized trading platforms.
TL;DR
- AscendEX lost $77.7 million after its hot wallets were compromised on December 11, 2021
- Approximately $60 million was stolen via Ethereum, $9.2 million via Binance Smart Chain, and $8.5 million via Polygon
- Cold wallets were unaffected and the exchange promised full reimbursement to affected users
- The hack follows the $200 million BitMart breach just days earlier
- Blockchain security firm PeckShield provided the initial loss estimates
How the Attack Unfolded
The Singapore-based exchange first detected suspicious activity at approximately 22:00 UTC on December 11, when an undisclosed number of ERC-20, Binance Smart Chain, and Polygon-based tokens were transferred out of its hot wallet without authorization. In an official statement, AscendEX confirmed that the breach was limited to its hot wallet infrastructure, with cold wallet holdings remaining secure and untouched.
Blockchain security and data analytics firm PeckShield was among the first to provide a comprehensive breakdown of the losses. According to their analysis, the attackers made off with roughly $77.7 million in total. The Ethereum network bore the brunt of the attack, with approximately $60 million worth of tokens siphoned through a single suspicious address. An additional $9.2 million was stolen via the Binance Smart Chain, and $8.5 million was taken from Polygon-based assets.
A Troubling Trend in Crypto Hacks
The AscendEX breach is far from an isolated incident. The cryptocurrency industry has experienced a significant surge in hacking activity throughout 2021, with a total of 169 blockchain-related security incidents recorded during the year and nearly $7 billion in funds lost to malicious actors. Crypto exchanges, wallet providers, and decentralized marketplaces around the world have all fallen victim to these increasingly sophisticated attacks.
What makes the AscendEX hack particularly notable is its timing. Just days earlier, on December 4, fellow cryptocurrency exchange BitMart suffered a devastating breach of its own, losing nearly $200 million worth of assets from its Ethereum and Binance Smart Chain hot wallets. BitMart later revealed that the hack was the result of stolen private keys and committed to using its own funds to reimburse affected customers.
Hot wallet attacks have become the preferred method for crypto hackers in recent months. Unlike cold wallets, which store private keys offline and are far more resistant to remote attacks, hot wallets remain connected to the internet to facilitate real-time trading operations. This connectivity, while essential for exchange functionality, creates a persistent attack surface that determined adversaries can exploit.
AscendEX Responds to the Crisis
Despite the severity of the breach, AscendEX moved quickly to reassure its user base. The exchange publicly committed to covering all losses incurred by affected users from its own reserves. This promise of full reimbursement aligns with a growing trend among centralized exchanges to absorb the financial impact of security breaches rather than pass losses on to their customers.
The timing of the attack is especially painful for AscendEX, which had recently celebrated its third anniversary and, just weeks prior, announced a $50 million Series B funding round led by Polychain Capital and Hack VC. The exchange had been positioning itself as a growing player in the competitive crypto trading landscape, making the security breach an unwelcome setback.
Broader Implications for Crypto Security
The back-to-back BitMart and AscendEX hacks underscore a fundamental tension in the cryptocurrency ecosystem. While the industry continues to grow at a remarkable pace, with Bitcoin trading around $49,362 and Ethereum near $4,084 at the time of the attack, the security infrastructure at many centralized exchanges has struggled to keep up with the sheer volume of assets under management.
For users, the incidents serve as a stark reminder of the risks associated with keeping large amounts of cryptocurrency on centralized exchanges. The age-old crypto adage — “not your keys, not your coins” — continues to ring true, and many industry observers have renewed their calls for greater adoption of self-custody solutions and decentralized trading platforms.
Why This Matters
The AscendEX hack highlights the ongoing security challenges facing centralized cryptocurrency exchanges, even as the broader market continues to mature. With nearly $7 billion lost to blockchain-related hacks in 2021 alone, the industry must address fundamental vulnerabilities in hot wallet infrastructure if it hopes to maintain the trust of both retail and institutional investors. For individual users, the incident reinforces the importance of self-custody and the need to carefully evaluate the security practices of any platform entrusted with digital assets.
Disclaimer: This article is for informational purposes only and does not constitute financial or investment advice. Always conduct your own research before making any investment decisions.
60M on ETH, 9.2M on BSC, 8.5M on Polygon. all from hot wallets. when will exchanges learn to keep minimal funds there
at least they promised full reimbursement. most exchanges just go silent after a breach
BitMax rebranded to AscendEX and got hacked two weeks after BitMart lost 200M. December 2021 was rough for CEXs
PeckShield caught this one fast. the ETH address was flagged within hours. small mercy
third major hack in less than two weeks and people still keep funds on exchanges. self custody isnt that hard