Taiwan’s crypto exchange BitoPro is facing serious questions after blockchain investigator ZachXBT alleged that the platform was hacked for around 11.5 million dollars on May 8, 2025.
Weeks have passed, but the exchange has yet to acknowledge any breach publicly. BitoGroup hasn’t said anything about the situation on their official X account or Telegram. They also haven’t given any explanation to their users.
Instead, they’ve kept posting about trading promotions and events like everything is normal.
The problem came up on June 2, when BitoGroup tweeted about their “June Trading Challenge,” offering crypto rewards to the first 800 users who complete tasks. That’s when ZachXBT pointed out suspicious activity involving the exchange’s wallets. In response, ZachXBT posted a reply directly calling them out.
He wrote, “Do you want to explain to the community why multiple of your hot wallets saw suspicious outflows of ~$11.5M on May 8, 2025, where you still have not disclosed the security incident on X or Telegram several weeks later?”
That single comment sparked immediate attention across the crypto space.
What the on-chain data shows
According to ZachXBT’s Telegram post, the funds were drained from BitoPro’s hot wallets across several blockchains. Ethereum, Tron, Solana, and Polygon were all involved. The stolen assets were sold through decentralized exchanges, then laundered through a mix of Tornado Cash, Thorchain, and Wasabi Wallet.
Some of the wallet addresses shared by ZachXBT include:
- 0x2453933c98b6e55397103f7c1081626e0a02d2c9
- 0x454cf3892a949c94569ab2663090ecdca811a6f0
- Tron address: TROLEONiiod5m8TSdmSR4iW17yQCfc2YJV
- Bitcoin address: bc1qcwzxklr3tr7zjhvql7pqtg57rkvm55vcz8ydul
These are linked to the suspicious flows that occurred on May 8. The pattern is typical of post-hack laundering methods, where funds are quickly moved, swapped, and masked to avoid detection.
Users were only told the platform was undergoing “maintenance.” After a while, BitoGroup confirmed the hack on its old hot wallet during the wallet system upgrade. It said, “user assets remain completely unaffected. Since the incident, all deposit, withdrawal, and trading functions have continued to operate normally.” It also assured that the majority of assets are “securely held in offline cold wallets.”
ZachXBT, known for his reliable investigations into crypto hacks, has already shared the wallet addresses involved and mapped out exactly how the stolen funds were moved and laundered across blockchains.
