Crypto Exchanges CoindCX and Bigone lost a total of $71 million last week in separate incidents, derived from what appears to be an infrastructure-level obstacle that allows attackers to access their hot wallets.
Neither case was involved in smart contract exploits, according to blockchain security company BlockAid. Instead, the attacker appears to have bypassed control at the wallet level, as he assumes that the internal systems and signers are inherently secure.
“Controls handed over to the attacker because the infrastructure assumes that the signatories are inherently secure,” the company wrote in X-thread.
India-based CoindCX reportedly lost $44 million from its operational liquidity wallet after the attacker accessed the back-end infrastructure.
Meanwhile, Beon, registered with the Seychelles, lost around $27 million in what is called a supply chain attack. This incident appears to include operations on backend server logic. This may have enabled unauthorized withdrawals without compromising the private key.
MPC alone is not enough
BlockAid claims that security frameworks that rely solely on multi-signature or multi-party calculations, also known as MPC, are inadequately set up. The company called for exchanges to adopt additional measures such as transaction simulation, policy enforcement, and intent verification during the signing process.
Defiant commentary stated that Shahar Madar is the vice president of security and trust products at Fireblocks and is a blockchain infrastructure provider known for its facility-grade MPC solutions. He said this shows how infrastructure-level attacks can avoid isolated security layers. He said the MPC is “crucial for strong key management, but it is just one layer of defense.”
“The attacks we saw are taking advantage of weaknesses across the stack,” Madhar said. He added that the only way to stop them is to have a “fully integrated architecture.”
He pointed out the importance of combining MPCs with secure infrastructure such as hardware-based enclaves with a policy engine that enforces transaction approval, wallet separation and real-time spending restrictions. According to Madar, if these layers are implemented properly, they can prevent the types of unauthorized access seen in CoindCX and BigOne exploits.
Blockaid says the latest violations reflect a broader pattern of exchange-level incidents resulting from infrastructure compromises rather than on-chain vulnerabilities. The company cites data for the second quarter of 2024, showing that over 65% of crypto-related losses (around $500 million in total) are tied to centralized exchange infrastructure.
Discover more from Earlybirds Invest
Subscribe to get the latest posts sent to your email.
