- June began with over $15 million in crypto losses from two separate hacks on Nervos Network’s Force Bridge and BitoPro exchange.
- The Force Bridge exploit resulted in around $3.7 million in stolen assets, including ETH, USDT, and WBTC.
- Taiwan’s BitoPro exchange suffered an estimated $11.5 million loss from a hot wallet breach on June 1st.
June of this year has started on a sour note for the crypto community. Two separate hacks have resulted in over $15 million in combined losses within the month, with only a few days on the calendar.
The first incident involved a cross-chain exploit on Nervos Network’s Force Bridge, while the second hit Taiwan’s BitoPro exchange. Combined, both of these incidents have led to losses of millions in user funds, and here are the details.
The Nervos Network Exploit
The first attack targeted Force Bridge. For context, Nervos is a cross-chain solution developed by the Nervos Network for interoperability with other blockchains like Ethereum and BNB Chain.
Early on 1 June, Magickbase (the entity operating Force Bridge) detected abnormal activity at 03:12 UTC. Despite suspending bridge services shortly after, the damage had already been done.
According to updates from Cyvers Alerts, a suspicious wallet had gained unauthorized access to the protocol and allowed the attacker to siphon off roughly $3.7 million in digital assets including ETH, USDT, USDC, DAI and WBTC.
After executing the theft, the funds were then converted into ETH and routed through Tornado Cash. According to Cyvers Alerts’ analysis, confirmed losses had reached $2.65 million by 07:17 UTC.
However, a later statement from Magickbase revised the figure to $3.7 million, across Ethereum ($3.1M) and the BNB Chain ($600K).
The bridge has now been temporarily disabled, with cross-chain transfers now halted between Ethereum, BNB Chain, and Nervos’ native CKB chain.
The BitoPro Breach
On the same day, another serious hack hit BitoPro, a Taiwan-based crypto exchange.
This hack resulted in around $11.5 million in losses. As of writing this report, the exchange was yet to issue a public statement. Notably, independent blockchain investigator ZachXBT estimated the attack occurred not in June, but in May.
The hack seems to have involved hot wallets, which are more vulnerable compared to cold wallets.
BitoPro has since confirmed that the hack happened during a wallet system upgrade and asset transfer process. However, the full extent of the damage is still mostly unclear.
According to CoinGecko, BitoPro recorded over $24 million in 24-hour trading volume, which shows that it is still operational despite being hacked.
$244 Million Lost in May Alone
These two hacks come on the heels of an already damaging May for the crypto industry. According to reports from PeckShield, hackers stole over $244 million during the month.
One of the biggest of these hacks involved Cetus, where suspected North Korean hackers stole more than $200 million in funds.
Meanwhile, derivatives platform BitMEX narrowly avoided a similar fate when it successfully escaped an attempted hack from the same Lazarus Group.
These figures show that the crypto industry is seen as a lucrative and relatively easy target for malicious attackers.
In essence, crypto is moving fast, but security isn’t keeping up. These two hacks of over $15 million in the first days of June sent a clear message throughout the crypto space.
Whether it’s cross-chain bridges like Force Bridge or trading platforms like BitoPro, vulnerabilities are everywhere, and attackers are always watching.
Unless the industry unites around better security practice, the price will continue to be paid not just in dollars, but in crypto and in trust.
