Deribit crypto exchange halts withdrawals amid $28M hot wallet hack



Major cryptocurrency derivatives exchange​​ Deribit has halted withdrawals after suffering a $28 million hot wallet hack.

Deribit exchange got its hot wallet compromised before midnight UTC on Nov. 1, the firm reported on Twitter.

The exchange emphasized that client funds are safe as losses are covered by Deribit’s reserves, stating:

“Client assets, Fireblocks or any of the cold storage addresses are not affected. It’s company procedure to keep 99% of our user funds in cold storage to limit the impact of these type of events.”

As part of the ongoing security checks, Deribit had to halt withdrawals, including custodians Copper Clearloop and Cobo, until the exchange is 100% confident about security following the hack. “Deposits already sent will still be processed, and after the required number of confirmations, they will be credited to accounts,” the firm added.

According to the information on Deribit’s Telegram chat, trading on Deribit is operating as usual. “Due to our hotwallet policy we were able to limit loss of user funds,” a Deribit support person noted.

Deribit’s insurance fund will not be affected by the hack, as the exchange will pay the loss for the it as well. “Deribit remains in a financially sound position and ongoing operations will not be impacted,” the statement notes.

A spokesperson for Deribit told Cointelegraph that the company is aiming to resume withdrawals as soon as possible and is now checking “all security measures.” The platform is also working on a full incident review at the moment to provide more details about the vulnerability that could have caused the issue, the person added.

The hack was the first time for Deribit to experience such an attack and losses since the company’s launch, the representative said.

Founded in 2016, Deribit is one of the largest crypto derivatives exchanges in the world, allowing users to trade crypto futures and options. At the time of writing, Deribit’s daily trading volume amounts to $280 million, according to data from CoinGecko.

Related: Scary stats: $3B stolen in 2022 as of ‘Hacktober,’ doubling 2021

At the time of writing, some of Deribit’s website sections also appear to be nonoperating. Deribit Insights, the firm’s crypto data hub, is not available at the time of writing, showing a “critical error on this website.” In the meantiDeribit’s trading website is intact. According to a Deribit’s representative, the website issue and the hack are not related.