Mitrade Insights is dedicated to providing investors with rich, timely and most valuable financial information to help investors grasp the market situation and find timely trading opportunities.

2021

Best News & Analysis Provider

FxDailyInfo

2022

Best Forex Educational Resources Global

International Business Magazine

Insights

News

Cryptocurrencies

SlowMist issues public security alert about HitBTC

Source Cryptopolitan

Blockchain security firm SlowMist has found a vulnerability on cryptocurrency exchange HitBTC.

The firm shared the alert on X on Sunday, stating, “We have identified a potential critical vulnerability and reached out via DM in advance under responsible disclosure, but have not yet received a response.”

SlowMist also added that the exchange should contact them “promptly to coordinate next steps.”

How did HitBTC respond to the security threat disclosure?

Going by recent public announcements from SlowMist security analysts, exchanges don’t tend to act with the level of urgency one would expect from custodians of user funds.

The latest one involving HitBTC is at least the third time in recent weeks that SlowMist has publicly disclosed attempted security warnings after failing to establish contact with cryptocurrency exchanges.

In December, the security firm issued similar notices to Seychelles-registered Azbit and Turkish exchange ICRYPEX Global, both of which handle significant daily trading volumes but failed to acknowledge the warnings.

HitBTC is one of the oldest cryptocurrency exchanges still in business since its founding in 2013. The platform, registered in the British Virgin Islands, has a trading volume of over $110 million in the past 24 hours as of the time of writing. Over 250 cryptocurrencies and 800 trading pairs are available on the exchange.

Security concerns are persistent

SlowMist’s 2025 annual security report documented 200 security incidents resulting in losses of approximately $2.935 billion, representing a 46% increase in financial damage compared with the previous year, despite fewer total incidents being recorded as opposed to 2024.

According to SlowMist’s report, “Exchange-related incidents numbered only 12 but caused staggering losses of up to USD 1.809 billion.”

By comparison, decentralized finance (DeFi) protocols experienced 126 incidents resulting in $649 million in losses.

According to data shared by security firm Certik, around $117.8 million was lost to exploits in the crypto space in December 2025 alone.

The shift from higher incident counts to larger individual losses shows that these attacks are becoming more sophisticated and targeted.

Security analysts note that professionalized hacker groups, including state-sponsored actors with alleged North Korean links, are moving from opportunistic attacks to systematic, multi-step operations designed to extract maximum value from fewer high-profile targets.

As Cryptopolitan reported yesterday, one crypto user lost approximately $1.08 million worth of Aave-wrapped Ethereum LBTC (aEthLBTC) in a phishing attack after signing a malicious “permit” signature.

Major AI companies like Anthropic, OpenAI, and Google have also reported that criminals are tapping into their platforms to orchestrate complex phishing operations, develop harmful software, and execute various digital attacks. Security specialists warn that criminals are also producing fake audio and video clips of company leaders to trick employees into giving up sensitive information.

How should crypto exchanges respond to threat warnings?

Security experts usually recommend that cryptocurrency platforms establish clear contact points for reporting vulnerabilities, including publicly available security email addresses and long-term public keys for encrypted communication. Industry guidelines expect that affected parties respond within two working days of initial contact.

When security researchers like SlowMist in this case struggle to establish contact after multiple attempts, they are left with no other option than public disclosure to ensure transparency, especially when user funds face potential risk.

SlowMist has built a reputation for lending weight to the blockchain security apparatus.

The firm assisted in freezing or recovering approximately $19.29 million in stolen funds during 2025 through its threat intelligence network and MistTrack analysis platform. Across 18 major incidents, roughly $387 million of $1.957 billion in stolen funds was frozen or recovered, yielding a recovery rate of 13.2%.

Don’t just read crypto news. Understand it. Subscribe to our newsletter. It's free.

Disclaimer: For information purposes only. Past performance is not indicative of future results.

Recommended Articles

Gold price slips below $3,300 amid weak US data, set for over 5% monthly gains Gold fell some 0.69% during the North American session on Wednesday after hitting a daily high of $3,328. Data from the United States (US) revealed an economic contraction and fueled speculation for further interest rate cuts by the Federal Reserve (Fed).

Author FXStreet

May 01, 2025

Gold fell some 0.69% during the North American session on Wednesday after hitting a daily high of $3,328. Data from the United States (US) revealed an economic contraction and fueled speculation for further interest rate cuts by the Federal Reserve (Fed).

Ethereum Price Forecast: Accumulation addresses post record inflows in December despite high selling pressure Ethereum (ETH) accumulation addresses recorded their highest monthly inflow in December 2025 as the year came to a close. Despite the weak market momentum following the holidays, these wallets doubled down on their buying pressure, adding 3.62 million ETH to their cumulative balance.

Author FXStreet

Yesterday 02: 11

Ethereum (ETH) accumulation addresses recorded their highest monthly inflow in December 2025 as the year came to a close. Despite the weak market momentum following the holidays, these wallets doubled down on their buying pressure, adding 3.62 million ETH to their cumulative balance.

Malaysian doctor loses RM529,200 in crypto scam — then gets hit again by fake “fund recovery” pitch A 67-year-old Malaysian doctor lost RM529,200 after a crypto “investment” pitch on TikTok and a second fake “fund recovery” scheme, Perak police said, warning of rising multi-stage fraud tactics.

Author Mitrade

Yesterday 09: 09

A 67-year-old Malaysian doctor lost RM529,200 after a crypto “investment” pitch on TikTok and a second fake “fund recovery” scheme, Perak police said, warning of rising multi-stage fraud tactics.

My Top 5 Stock Market Predictions for 2026 Five 2026 market predictions written in a native, news-style voice: AI’s winners and losers, broader sector leadership, dividend demand, valuation cooling as the Shiller CAPE sits at 39 (Dec. 31, 2025), and quantum-computing bursts—while keeping all original facts and numbers unchanged.

Author Mitrade

9 hours ago

Five 2026 market predictions written in a native, news-style voice: AI’s winners and losers, broader sector leadership, dividend demand, valuation cooling as the Shiller CAPE sits at 39 (Dec. 31, 2025), and quantum-computing bursts—while keeping all original facts and numbers unchanged.

Gold Price Forecast: XAU/USD jumps above $4,350 on US-Venezuela tensions Gold price (XAU/USD) climbs to around $4,370 during the early Asian trading hours on Monday. The precious metal extends its upside amid a renewed surge in geopolitical risk after the United States' (US) capture of Venezuelan President Nicolas Maduro.

Author FXStreet

9 hours ago

Gold price (XAU/USD) climbs to around $4,370 during the early Asian trading hours on Monday. The precious metal extends its upside amid a renewed surge in geopolitical risk after the United States' (US) capture of Venezuelan President Nicolas Maduro.

Popular Symbols