Crypto derivatives platform Deribit was hacked for $28 million late evening (UTC) on Nov. 1.
The incident was confirmed via its official Twitter account several hours later, at 07:00 (UTC) the following day.
Deribit said hackers had compromised several of its hot wallets. The firm sought to reassure users, saying client funds remain safe and any losses incurred are covered by the company’s reserves.
Deribit confirmed that the attack did not affect Fireblocks or any cold storage wallets, adding that it is company policy to store 99% of funds offline in cold storage facilities.
Fireblocks refers to a third-party service that helps institutional players handle crypto custody, settlement, and transfers.
The attack is now isolated, and devs have control of the exploit. The breach saw attackers access Deribit’s Bitcoin, Ethereum, and USDC hot wallets.
Pending further investigations, withdrawals have been halted until more is known, while the exchange has asked users not to deposit funds until the all-clear is given.