Cryptocurrency sleuth ZachXBT made a concerning claim on his Telegram channel that two wallets connected to Australian crypto exchange CoinSpot appear to have fallen victim to a hack. According to ZachXBT’s post, the wallets were drained of cryptocurrency worth around $2 million.
ZachXBT pointed to two specific transactions as evidence for the suspected hack. In the first transaction, 1,262 ETH was sent from one of CoinSpot’s wallets to an unknown address. In the second transaction, 20.99 ETH was transferred from another CoinSpot wallet to what seems to be the same address.
After receiving the funds, the recipient allegedly swapped the ETH for other cryptocurrencies including wrapped Bitcoin, USDC, and USDT. They appear to have done so using decentralized protocols like Uniswap, THORchain, and WBTC smart contracts. This makes it difficult to track or recover the stolen funds.
Founded in 2014, CoinSpot has not reported any major security breaches or hacks to date based on public information. However, its users were targeted in a phishing attack in December 2021 highlighting vulnerabilities. On its website, CoinSpot claims that it “maintains industry best practices by securing a vast majority of assets in highly secure offline locations.” The exchange has not yet publicly commented on the transactions that ZachXBT identified through on-chain activity, which point to a possible hack draining wallets of $2 million worth of ETH.
