On July 16, 2025, the BigONE crypto exchange disclosed a significant security incident involving a breach of its warm wallet system. The team reported:
- Unauthorised withdrawal of funds from internal warm wallets.
- Flexible response measures, including temporary halting of certain operations and asset transfers to secure cold storage.
- Ongoing forensic investigation, with external cybersecurity experts collaborating closely.
- Enhanced internal controls: tightening approval workflows, increasing withdrawal delays, and boosting multi-signature & cold wallet holdings.
BigONE reassured users that most funds remain secure and that the incident was contained quickly. They committed to full transparency and restitution per investigation results. ()
Timeline of the BigONE Exploit
| Date | Event |
|---|---|
| July 16, 2025 | Breach identified; BigONE issues public security incident disclosure. |
| Immediately after | Operations in warm wallets suspended; funds moved to cold storage. |
| Ongoing | Collaboration with cybersecurity firms and law enforcement initiated. |
| Post-incident | Rollout of improved wallet management, stricter withdrawal protocols, and enhanced monitoring systems. |
Why This Matters to Users affected by BigONE Hack
- Risk of lost assets: Warm wallets are more vulnerable than cold wallets, which are offline.
- Evolving cryptocurrency threats: 2025 has already seen major hacks, including a $1.5 B loss at Bybit—emphasizing the need for elevated CEX security.
- Trust erosion: Even robust platforms face reputational damage unless they follow through on restitution and transparency.
BigONE’s Strengths & Weaknesses in Security
Strengths
- Existing bug bounty program and third‑party audits via platforms like HackenProof and CertiK.
- Previously strong security posture: rated BBB by CertiK with regular penetration tests and cold wallet usage.
Weaknesses Highlighted by Hack
- Exposure of warm wallets without full multi-signature mechanisms.
- A possible delay in incident detection, prompting the need for real-time monitoring.
What Users Should Do Now
- Stay updated via BigONE’s official channels (website, Help Center, official app).
- Monitor your account, especially any unusual activity during withdrawal freeze periods.
- Check cold storage allocations and ask for proof-of-reserves from the team.
- Reconsider storing large balances on CEXs; consider dividing funds or using trusted hardware wallets.
FailSafe’s Role: A Cautionary Perspective
FailSafe offers end-to-end audit and monitoring—from pre-deployment security reviews to live‑tracking in case of hacks. Had these controls been fully implemented earlier, the incident at BigONE could have been detected faster or even prevented.
Frequently Asked Questions
How much money was lost?
BigONE hasn’t provided exact figures. They confirmed that most user funds are safe and pledge full disclosure once investigations conclude.
Will affected users get reimbursed?
Yes. BigONE confirmed it will fully compensate users’ losses, though timing depends on external audit outcomes.
Should I continue using BigONE?
That depends on your risk tolerance. The exchange is improving its systems, but if you’re cautious, consider moving more assets to hardware wallets or exchanges with proven multi-signature systems.
How can I verify if my funds are safe?
Watch for updates from BigONE about cold wallet storage and proof-of-reserves. You can also request your transaction logs on the platform.
What security features are being enhanced?
BigONE is tightening multi-signature cold wallet use, extending withdrawal delays, and implementing real-time monitoring and anomaly detection.
Conclusion
Read more about how we can help strengthen security for exchanges with our audit services.
Need help from expert?
Related Articles
How FailSafe's Agentic AI Secured Megapot v2 Ahead of Launch
FailSafe's SWARM completed a full assessment across Megapot v2 contracts, identifying four vulnerabilities including an LP pool cap bypass that could have expos...
Vibe Coding Just Cost Moonwell $1.78 Million. Here’s What Every Protocol Needs to Learn.
TL;DR On February 15, 2026, DeFi lending protocol Moonwell lost $1.78 million after an oracle misconfiguration priced cbETH at $1.12 instead of its actual value...
Rujira Fin Smart Contract Audit
FailSafe completed a comprehensive smart contract audit for Rujira Fin, a hybrid order book DEX on THORChain's omnichain app layer, uncovering two critical fund...
Ready to secure your project?
Get in touch with our security experts for a comprehensive audit.
Contact Us