Bisq exchange firm that enables trading Bitcoins for national currencies on Tuesday thanks to security vulnerability lost over $250,000 in Bitcoin and Moreno crypto coin. The Exchange had to stop trading after finding out the loophole.
While uncovering the vulnerability, Bisq exchange said nothing about the potential hack or said anything about users’ funds until after 18 hours when it stopped trading on its platform and announced that it took “unprecedented” steps after getting to know that an attacker was trying to steal crypto coins from users.
Bisq exchange in a statement in a statement said that they discovered that an attacker exploited a flaw in the Bisq trade protocol targeting to steal individual traders’ capital. They announced that they know about 3 BTC and 4,000 XMR. The hacker was able to steal from 7 different victims. They said that for now, that is all they know about the operation.
The 3 BTC stolen equaled around $22,000, and 4,000 XMR equals around $230,000 at press time, making the hackers cart away not lesser than $250,000 from Bisq exchange customers.
The loophole these hackers were able to exploit reportedly was a result of an update to the trading protocol, which primarily was meant to advance decentralization and eliminate trusted third parties from the platform. However, they were able to fix the flaw by 12:00 UTC Wednesday and resumed trading a while after.
Reportedly, the Bisq exchange is planning to refund the victims of the hack through future trading revenues.
How Bisq exchange platform works
Bisq, released in 2018 as an exchange, put in place a decentralized autonomous organization (DAO). The platform works like other DEXs as a trading tool, only that its users can trade anonymously as no registration or identity references are required.
Every Bisq exchange user can operate as a node because the platform is based on a distributed network. Even when the Bisq developers stopped trading on the platform, with the platforms decentralized nature, users could override trading suspension when they desire.
Primarily, when exchanges are hacked, such hackers could be booted off the trading platform permanently, but not on the Bisq exchange platform. Even with the flaw fixed, the anonymous hacker can still trade and operate on the platform again.
According to a Bisq exchange developer, he said there is no censorship likening the situation to Bitcoin. He said since anyone can use BTC, it is impossible to ban anyone from using the crypto (BTC) or the Exchange.
