In September 2023, the Remitano cryptocurrency exchange was the victim of a hack. The attacker stole an estimated $2.7 million, of which about $1.4 million was frozen by Tether.
Inside the Attack
In September 2023, the Remitano cryptocurrency exchange experienced suspicious withdrawals from its wallets. After further investigation, the company confirmed that the outflow of about $2.7 million was the result of a hack.
In a statement, Remitano divulged that the attack was likely caused by a data breach by a third-party source. The exposed sensitive information — likely including private keys — enabled the attacker to transfer cryptocurrency from the exchange’s hot wallet to a new address. As a result of the incident, the exchange transferred user funds to cold wallets, suspended certain functions, and worked with Tether to freeze the stolen assets.
Lessons Learned from the Attack
The Remitano hack was most likely the result of a compromised private key. If a hot wallet’s private key was included in the reported data breach, then an attacker could unilaterally transfer the stolen assets out of the exchange’s hot wallet.
This and similar incidents underscore the value of multi-signature wallets for enhanced account security. By requiring multiple private keys to authorize transactions, multi-sig wallets reduce the risk that such a data breach would result in lost cryptocurrency. Check out our blog for more information on multi-sig wallets and how to use them.