Taiwanese crypto exchange BitoPro has confirmed a security breach that led to unauthorized withdrawals totaling $11.5 million. The BitoPro hack, which took place in early May 2025, remained unacknowledged until early June. The confirmation came only after blockchain investigator ZachXBT raised alarms over suspicious on-chain activity.
BitoPro says it will fully compensate affected users through its internal risk reserve. However, the incident has raised concerns about delayed disclosure, operational transparency, and the overall state of crypto platform security in Asia.
Suspicious Outflows Uncovered by ZachXBT
The incident began unfolding on June 02. That’s when blockchain analyst ZachXBT alerted the public of a series of unusual withdrawals from wallets linked to BitoPro. Someone was moving assets, primarily USDT and other ERC-20 tokens, across multiple addresses. This pattern raised immediate red flags among on-chain investigators.
Despite speculation gaining traction, BitoPro remained silent for more than a week. On June 2, the exchange finally confirmed the breach. It described the event as a “security incident involving unauthorized access.”
What Happened During the Breach
According to BitoPro, the attacker gained access to a portion of its hot wallet infrastructure and exfiltrated several digital assets. However, the exchange emphasized that the breach did not affect its cold wallet storage.
More importantly, the company stated that operational integrity has since been restored. Initial estimates put the loss at $11.5 million. While BitoPro has not shared technical details, it is working with Taiwanese cybercrime investigators and blockchain forensics experts to trace the stolen assets.
BitoPro Assures Users Their Funds Are Safe
To ease concerns, BitoPro reassured the public that users will not bear any losses. The platform said it would cover the damage using its internal crypto exchange risk reserve. This safeguard was established specifically for crisis events.
“All affected users will be fully compensated,” the company said. “We are strengthening our infrastructure to prevent such incidents from recurring.”
At the time of writing, trading and withdrawals remain operational. BitoPro also confirmed that no user account data was compromised.
Delayed Disclosure Raises Red Flags
Even so, the delayed disclosure has drawn significant criticism. While the user fund protection is welcome, many users and analysts view the silence as deeply troubling.
In the crypto space, where trust is fragile and information spreads fast, waiting nearly two weeks to disclose a breach is seen as unacceptable. Critics accused BitoPro of attempting to withhold the information until it was exposed by ZachXBT.
As a result, the incident has reignited broader concerns about transparency standards on centralized platforms. These issues are particularly relevant in developing crypto markets like Taiwan.
Regulatory and Market Implications for Taiwan
Looking forward, this case may prompt changes in crypto regulation in Taiwan. Currently, disclosure rules for exchange hacks are vague. Industry observers expect regulators to introduce stricter incident reporting guidelines. These could include mandatory timeframes and more frequent security audits.
For traders and investors, the BitoPro hack raises important questions about crypto exchange safety. Are these platforms truly prepared for security threats? And can they maintain user trust under pressure?
>>> Read more: $400M Fallout: Coinbase Faces Backlash After Data Breach
The BitoPro hack is a clear reminder that even established exchanges are not immune to cyberattacks. While user funds appear secure, the reputational damage from the delayed response may prove harder to repair.
As investigations continue and regulatory scrutiny increases, BitoPro’s next steps will be critical. The outcome will likely shape both its future and public confidence in Taiwan’s broader crypto ecosystem.
Readers’ frequently asked questions
How do I know if my BitoPro account was affected by the hack?
BitoPro has not released a list of affected accounts. The platform states it will notify impacted users directly, who can then apply for compensation from its internal reserve.
Does BitoPro offer a transaction history tool I can check for unusual activity?
Yes. Users can access their complete transaction logs through the account dashboard. If you see unauthorized withdrawals, contact BitoPro’s support immediately.
Where can I get official updates from BitoPro about the hack?
BitoPro posts updates on its official website and verified social media accounts. Users are advised to avoid third-party channels to prevent phishing attempts.
What Is In It For You? Action items you might want to consider
Review your exposure to centralized exchanges
If you store funds on centralized platforms like BitoPro, consider moving high-value holdings to cold wallets or diversifying your custody strategy.
Monitor incident response standards in your region
The BitoPro hack may highlight weaknesses in disclosure policies. Stay informed about how your local authorities expect crypto platforms to handle breaches.
Track on-chain alerts and independent security researchers
Security analysts like ZachXBT often uncover breaches before official disclosures. Following these sources can help you respond faster to emerging threats.
