BingX, a Singapore-based cryptocurrency exchange, has temporarily halted withdrawals after a suspected hacker breached its hot wallet. Blockchain analysts estimate the losses to surpass $40 million.

On September 20, Vivien Lin, BingX’s Chief Product Officer, shared in an X post that the attack took place around 4 a.m. Singapore time, triggering the company’s emergency response plan. Lin stated that the exchange promptly moved its assets to more secure locations. 

While the exact scale of the breach is still being determined, Lin assured users that the majority of assets are stored in cold wallets, which remain unaffected by the attack.

Despite Lin’s description of the breach as resulting in only “minor asset loss,” blockchain security firm PeckShield suggests the losses are more significant.

PeckShield estimates that approximately $26.68 million, including Ethereum and BNB, had already been stolen, with another $16.5 million being siphoned shortly afterward. Analysts tracked the stolen funds to two wallet addresses, putting the total estimated loss at over $43 million.

Lin emphasized that BingX will fully reimburse any lost funds with its own resources and anticipate the resumption of withdrawals within 24 hours. The company also noted that trading services remain operational, and user funds are safeguarded under its layered asset management system.