Direct quote from Belliodo, Ceo of QNC:
“Our first product is a portable USB QRNG device that will generate pure randomness as the cornerstone of unhackable encryption systems. We are planning to use this device to develop, in collaboration with institutional technology partners, breakthrough security solutions for blockchain applications. Block addresses are generated with random numbers and cryptographic hashing algorithms. They are key to the trust of the blockchain. Any weakness in the randomness used could be exploited by an attacker to predict things and breach the system." 5 hours ago — Bitmart confirmed the hack in an official statement Saturday night, calling it “a large-scale security breach” and writing that hackers withdrew
Bitmart says it is still unclear what possible methods the hackers used, but what happened after the breach was pretty straightforward, according to Peckshield. It was a classic case of “transfer-out, swap, and wash,” according to the security firm.
After transferring the funds out of Bitmart, hackers apparently used the decentralized exchange aggregator known as ‘1inch’ to exchange the stolen tokens for ether. From there, the ether coins were deposited into a privacy mixer known as Tornado Cash, which makes the money harder to trace.
Cybercriminals often look to a mixing or tumbling service, according to Rick Holland, chief information security officer at Digital Shadows, a cyberthreat intelligence company. Holland told CNBC these services allow users to combine illicit funds with clean crypto to essentially make a new type of cryptocurrency, at which point they turn to currency swaps.
So even though the blockchain is public, there are still ways to make it difficult for investigators to trace transactions to their ultimate destination.
This latest breach comes amid a wave of recent hacks.
Last week, crypto lender Celsius Network admitted to losing funds (though it didn’t specify how much it lost exactly), as a result of the $120 million hack of the decentralized finance platform BadgerDAO.
And in August, a hacker stole more than $600 million worth of tokens from the cryptocurrency platform Poly Network. In a strange twist, the attacker subsequently returned nearly all of the money.