HELP CENTER
Dec. 11 Security Incident Report
Publish on 2021-12-16
Dear AscendEX Users,
Following the recent security incident on December 11th (see:
https://ascendex.com/en/support/articles/62138), AscendEX has been working closely with law enforcement and cybersecurity institutions including Ledger and Chainalysis to reinforce process controls, infrastructure security, compliance, and account-level security leveraging industry-leading security controls. Trust is our key priority in every aspect of our business.
What happened?
On December 11th, an individual or number of criminal actors gained unauthorized passthrough access to AscendEX’s hot wallet infrastructure and initiated a number of transfers on the Ethereum, Polygon, Binance Smart Chain, Litecoin, and Bitcoin Cash networks. Shortly after these unauthorized transactions occurred, our internal monitoring systems detected an anomaly and initiated emergency security protocols. An in-depth security audit identified the breach as the result of an exploit of hardware-level vulnerability from third-party infrastructure utilized by AscendEX. The infiltration was carried out by highly sophisticated perpetrators. We have been working closely with law enforcement as well as blockchain forensic firms to gain further knowledge on the incident.
Since then, our team has worked extensively to build and deploy new hot wallet infrastructure using extensive security measures. The new system leverages industry-leading security controls to protect against any single point of failure at the human, process, and workflow levels.
Our Response
Our internal audit and security response teams thoroughly identified and analyzed the root cause of the breach. We then deployed a completely new hot wallet infrastructure, meaning no single aspect of our legacy technology or hardware was reused.
The new infrastructure not only addresses the root cause of the issue, but it exhausts many additional redundant security measures and fail-safes to ensure a breach is probabilistically unfeasible using Defense in Depth (“DiD”) techniques.
We see the current situation as an opportunity to reiterate and showcase our fundamental values of trust, resiliency, and integrity through our actions. We recognize the path forward is not easy, but we feel this is an opportunity to lead by example to rebuild and further strengthen the trust our users have in the platform.
Damage Mitigation
Following the breach, our number one priority has been to reduce any and all possible damages incurred by our users, partners, projects, and communities that were impacted.
Of the projects that were impacted by the attack, five have conducted a smart contract migration. These projects are Zignaly, Bemil Coin, Gather, BTC Proxy, and Aubit. As a result of the swift action taken by these projects, over $10 million in assets were recovered.
Token | New Contract Address |
Zignaly (ZIG) | 0xb2617246d0c6c0087f18703d576831899ca94f01 |
Bemil (BEM) | 0x7B86b0836f3454e50C6F6a190cd692bB17da1928 |
Gather (GTH) | (waiting for confirmation) |
BTC Proxy (PRXY) | 0x720a54ff4cdb209cc3c13991b11d7ac74e432677 |
Aubit (FWT) | (waiting for confirmation) |
AscendEX has reimbursed 100% of users impacted by this incident. We will continue to carefully monitor our exchange infrastructure and maintain white-glove support for our users, projects, and institutional clients.
Resumed Services
We’re happy to announce that deposits and withdrawals will be opened at approximately 3:00 UTC, December 16th. Deposit and withdrawals services will begin with Ethereum (see: https://ascendex.com/en/support/articles/62199). We will gradually resume services for other assets to ensure a smooth reopening of the platform. Any user that wishes to withdraw their assets will be permitted to do so once withdrawals reopen for the particular coin or token.
All transfers that were made to and from AscendEX during halted services will be processed beginning at 3:00 AM UTC, Dec. 16th / 10:00 PM EST on Dec. 15.
IMPORTANT NOTE: We have deployed a completely new hot wallet infrastructure, meaning no single aspect of our legacy technology or hardware was reused. Accordingly, each account has been assigned NEW deposit addresses for each network. Deposits must be made to newly assigned addresses in order to be credited.
Moving Forward
We realize that this is just the start of our path towards rebuilding our user’s trust. Our commitment to meet and exceed industry-leading security practices and protect our users is steadfast and unwavering. We are grateful for the support from our partners and customers and will continue to maintain the highest levels of transparency and resiliency as we continue on our journey together. We will continue to work closely with law enforcement and blockchain intelligence firms to pursue the perpetrators and uphold the integrity of our platform.
Thank you for your continued support.
Onwards and Upwards!
The AscendEX Team