Eterbase, a Bratislava-based cryptocurrency exchange, has disclosed a major security breach that resulted in the theft of approximately $5.4 million in digital assets. The hack, which occurred on September 8, 2020, targeted six of the exchange’s hot wallets, siphoning funds in Bitcoin, Ethereum, XRP, Tezos, Algorand, and TRON before the breach was detected.
TL;DR
- Slovakian crypto exchange Eterbase lost $5.4 million in a hot wallet breach on September 8, 2020
- Six hot wallets were compromised, with losses across BTC, ETH, XRP, XTZ, ALGO, and TRX
- Stolen funds were traced to major exchanges including Binance, Huobi, and HitBTC
- Some stolen ETH was converted to Tether and moved through Uniswap and Compound
- Eterbase assured users it has sufficient capital to cover all losses
How the Attack Unfolded
The breach was discovered when Eterbase noticed unauthorized transactions flowing out of its hot wallets — cryptocurrency wallets connected to the internet that facilitate real-time trading. In an announcement posted to Telegram, the exchange listed the hacker’s wallet addresses across multiple blockchains, including Ethereum, TRON, Tezos, Bitcoin, Algorand, and XRP networks.
According to blockchain analysis, approximately 387 ETH was transferred from Eterbase’s primary hot wallet to the attacker’s address in the initial wave. The stolen assets were then quickly distributed across multiple wallets and moved to several centralized exchanges, including Binance, Huobi, and HitBTC, likely in an attempt to liquidate the funds before they could be flagged.
Some of the stolen Ethereum was converted into Tether (USDT), the leading dollar-pegged stablecoin, and routed through decentralized finance protocols including Uniswap and Compound. The use of both centralized and decentralized platforms to launder the stolen assets complicated recovery efforts.
Eterbase’s Response
Eterbase immediately contacted the security teams at rival exchanges where the stolen funds had been deposited, requesting that they freeze any incoming transactions from the identified wallet addresses. Law enforcement authorities were also notified, and the exchange pledged full cooperation with the investigation.
Despite the significant losses, Eterbase moved quickly to reassure its users. In a public statement, the exchange declared that it had sufficient capital reserves to meet all obligations to customers. “We want to inform our users that we have enough capital to meet all our obligations, and at the same time, we want to reassure everyone that this event won’t stop our journey,” the exchange said.
Operations were temporarily suspended pending a comprehensive security audit. Eterbase committed to reopening only after renowned global security firms had completed their review of the platform’s infrastructure.
A Small Exchange With Big Problems
While Eterbase was a relatively small player in the crypto exchange landscape — handling approximately $3 million in daily trading volume according to CoinGecko data — the hack underscored that no exchange is immune to security threats regardless of size. The attack came at a time when Bitcoin was trading near $10,400 and Ethereum around $375, with the total cryptocurrency market capitalization hovering around $340 billion.
The Eterbase incident followed a long history of exchange hacks in the cryptocurrency industry, from the infamous Mt. Gox collapse in 2014 to the $535 million Coincheck heist in 2018. While the $5.4 million stolen from Eterbase was modest by comparison, the breach served as yet another reminder that hot wallet security remains one of the most persistent challenges facing digital asset platforms.
Why This Matters
The Eterbase hack highlighted the ongoing tension between convenience and security in cryptocurrency exchanges. Hot wallets are essential for providing the instant liquidity that traders expect, but their constant internet connectivity makes them prime targets for sophisticated attackers. The incident also demonstrated the dual challenge of tracking stolen funds through both centralized exchanges, where cooperation is possible, and decentralized protocols like Uniswap and Compound, where no central authority can freeze assets. As the DeFi ecosystem continued its explosive growth in September 2020, the Eterbase breach raised uncomfortable questions about whether the industry’s security infrastructure was keeping pace with its rapid expansion.
Disclaimer: This article is for informational purposes only and does not constitute financial advice. Cryptocurrency investments carry significant risk. Always conduct your own research before making investment decisions.
six hot wallets hit at once. single-sig infrastructure in 2020 is just negligence at that point
Sven H. exactly. multi-sig was standard practice even in 2018. eterbase had no excuse running single-sig hot wallets in 2020
6 hot wallets compromised simultaneously means their key management was centralized. one point of failure, six wallets drained
the stolen ETH being converted to tether through uniswap and compound… even the hackers were using defi lol
the reassuring part is they traced everything on-chain. the terrifying part is the hackers still managed to move through uniswap and compound before anyone froze anything
the irony of hackers using defi to launder stolen funds from a cex. uniswap and compound as getaway vehicles
single-sig hot wallets in 2020 is wild. even small exchanges should have had multisig by then, mt gox happened 6 years prior
tracing funds to binance and huobi within hours shows how transparent the blockchain actually is for investigators
tracing stolen funds to Binance and Huobi within hours is nice but those exchanges still took days to freeze anything. on-chain speed means nothing without off-chain cooperation
$5.4M across six hot wallets and eterbase said they had enough capital to cover losses. wonder how many users actually got made whole