Crypto exchange BitoPro confirms hacker breach on May 8
Taiwanese cryptocurrency platform BitoPro has officially admitted that it was the victim of a hacker attack on May 8, which resulted in the theft of $11.5 million from several of the platform's hot wallets.

However, the company did not publicly report the incident for almost three weeks, despite numerous signals from users about problems with the withdrawal of funds. From the early morning of May 9, customers began to complain that they could not withdraw USDT stablecoins, while the exchange administration explained the delays by regular maintenance. The first suspicious transactions were recorded by blockchain analyst ZachXBT, who drew attention to the mass withdrawal of assets from BitoPro wallets and their subsequent movement through the decentralized exchange. The activity was detected in several networks at once - Tron, Solana, Polygon and Ethereum, which indicates well-organized actions by attackers.
Some of the stolen funds went through crypto mixing service Tornado Cash, while others were routed through Thorchain before ending up in a wallet linked to the crypto mixer Wasabi. ZachXBT published his findings, noting that BitoPro had not publicly informed the public about the incident or taken any public action to respond. Just three hours after his report was published, the exchange finally confirmed the hack, saying that an “old hot wallet” that was used before the company began upgrading its asset storage system had been attacked.
According to them, at the time of the attack, the process of transferring funds was underway as part of the modernization of the wallet infrastructure. This incident became another reminder of how vulnerable even large platforms working with digital assets are, especially if less secure hot wallets are used. Experts also drew attention to the complex scheme for laundering the stolen funds, which may complicate their tracking and recovery.
It was previously reported that in May 2025, crypto projects around the world suffered losses as a result of hacker attacks, of which 20 were recorded. The total amount of lost funds was $244.1 million , which is almost 40% less than a month earlier, experts from PeckShield reported.