Deribit has halted withdrawals after suffering a $28 million hot wallet hack

    Simar Marwaha
    Simar Marwaha
    Published on November 3, 2022 12:01 PM

    Updated on January 26, 2023 6:21 AM

    Copper Clearloop and Cobo are the two third-party custodians to whom Deribit has suspended withdrawals while security assessments are ongoing
    Deribit has halted withdrawals after suffering a $28 million hot wallet hack

    Deribit, a cryptocurrency options and futures exchange, reported on November 1 that the hot wallet of the system has been hacked for $28 million.

    Deribit had never been subjected to such an attack

    Deribit, one of the biggest cryptocurrency derivatives exchanges in the world, was founded in 2016 and lets customers trade cryptocurrency futures and options. Deribit has a daily trading volume of about $280 million.

    Since the company's founding, Deribit had never been subjected to such an attack or suffered damages, according to the official.

    Deribit's chief commercial officer, Luuk Strijers, on Wednesday promised clients that their money was secure and Deribit's corporate reserves would cover any losses by Deribit's balance sheet assets, which are separate from the company's $40 million insurance fund.

    "Examining the attack vectors is still ongoing. We are unable to reveal much more at this time, but we are investigating how access was obtained, " Strijers added to his speech.

    Deribit has stopped making withdrawals to third-party custodians while it conducts security checks and investigates the occurrence.

    The exchange will make an announcement when the security check is over and withdrawals to custodians like Copper Clearloop and Cobo can once again be made.

    A recent tweet included a quote from the discussion:

    “We must prohibit withdrawals, including those from third-party custodians Copper Clearloop and Cobo, while we do ongoing security checks and until we are certain it is safe to reopen.”

    Client assets and cold storage addresses remained unaffected

    Since the company acknowledged that it has the policy to store 99% of customer funds in cold storage to lessen the impact of a security breach or attack, the incident was limited to Bitcoin, Ethereum, and USDC hot wallets.

    Deribit’s reserves, stating:

    “Client assets, Fire Blocks, and any addresses used for cold storage are unaffected. In order to lessen the impact of these kinds of incidents, it is corporate policy to retain 99% of our users' cash in cold storage.”

    READ ALSO:  With two weeks left, October turns the worst month for cryptocurrency hacks

    The company tweeted that "Deribit remains in a financially stable position and continuing activities will not be impacted."

    Deribit's trading website is still operational in the interim. A Deribit spokesperson claims that there is no connection between the website malfunction and the hack.