BtcTurk Halts Transactions After $49M Crypto Hack
The Turkish cryptocurrency exchange BtcTurk has announced the suspension of all deposits and withdrawals following the detection of suspicious activity in its hot wallets, raising fears of a major theft of digital assets. The incident occurred on August 14, 2025, during a routine audit, when specialists identified anomalous transactions and immediately restricted all cryptocurrency transfers.
The company emphasized that the overwhelming majority of client funds are held in cold wallets—offline storage systems isolated from the internet—and that these assets remain untouched. Trading on the platform continues, while internal technical teams carry out an investigation, promising to share updates through official channels.
According to analysts at PeckShield, the breach may have been caused by the compromise of a hot wallet’s private key. Hot wallets, protected by seed phrases and keys, are software-based and constantly connected to the internet, making them inherently more vulnerable. Cold wallets, by contrast, are typically physical devices, providing maximum security through complete network isolation. For an exchange, both are essential: hot wallets facilitate rapid transactions, while cold wallets safeguard the bulk of long-term holdings.
Preliminary blockchain analysis suggests that the stolen funds—amounting to roughly $49 million across various tokens—are already being laundered. Experts note that the attacker has begun actively exchanging the stolen assets across multiple blockchains to obscure their trail. Approximately half of the stolen funds have already been converted into Ethereum, complicating recovery efforts. PeckShield’s head, Xuxian Jiang, remarked that based on precedent, the likelihood of successful negotiations with the attacker remains slim.
Though BtcTurk is relatively unknown outside Turkey, its app has more than six million registered users on Google Play, making it one of the region’s largest platforms. The breach falls into an escalating pattern of large-scale attacks against cryptocurrency exchanges, which have increasingly become prime targets for sophisticated cybercriminals.
In 2024, North Korea-linked hacker groups were the most active in this space, stealing approximately $659 million in digital assets. In 2025, they were linked to the record-breaking breach of Bybit, which resulted in losses of $1.5 billion.
Other high-profile incidents in recent years include attacks on Monero, Atomic Wallet, and LottieFiles, as well as campaigns exploiting vulnerabilities in Ethereum smart contracts—such as the CREATE2 opcode exploit, which allowed attackers to twist transaction validation mechanisms against users themselves.
The BtcTurk case underscores, yet again, that even large and seemingly resilient exchanges remain vulnerable, and that the security of digital assets depends critically on rapid incident response and prudent distribution of funds between hot and cold storage.
