On July 24, WOO X got caught in a cybercrime drama that’s got the crypto world buzzing; a breach led to the theft of a staggering $14 million in various tokens.
The exchange admitted to the “contained incident” and confirmed that unauthorized withdrawals occurred from nine user accounts.
As a precaution, WOO X hit the pause button on withdrawals, giving them time to investigate. But don’t worry, they’ve already reached out to the affected users and promised to fully reimburse them. That’s a silver lining, at least.
We're currently investigating a contained incident that occurred on WOO X earlier today
— WOO X (@_WOO_X) July 24, 2025
While user funds and trading are unaffected, withdrawals have been temporarily paused while we complete the investigation.
Stay tuned to this account for updates: https://t.co/qWc9cDhn2z
The Sneaky Thief Stole Across Multiple Chains
Just 20 minutes after the initial panic, WOO X updated everyone, making sure to clarify that it was nine accounts, and they’d stopped most of the withdrawals after detecting the breach. Still, a solid $14 million had already been swiped. The exchange then published six wallet addresses they believe belong to the hacker. How cozy.
2. As we continue with the investigation, we can confirm losses of $14m from the affected accounts. These users will have all funds covered.
— WOO X (@_WOO_X) July 24, 2025
The exploiter's addresses:
EVMhttps://t.co/Mg6x5XXcR0https://t.co/zotQ43Vk7Y
BTChttps://t.co/VNjy1Tn575https://t.co/njhyF5DTST…
The company’s silence on the tech details of how this happened is a little suspicious, though. They didn’t reveal how the attacker accessed the accounts or give any timeline for when withdrawals might be available again. Not exactly the transparency we were hoping for.
As the saga continued, Cyvers Alerts reported suspicious activity, tracing more than $12 million worth of crypto moving around from Bitcoin, Ethereum, BNB Chain, and Arbitrum.
🚨ALERT🚨Our system has detected multiple suspicious transactions with an estimated loss of more than $12M involving @_WOO_X among $BTC, $ETH, $BNB, and $ARB networks.
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 24, 2025
Suspicious address on $ETH received $1M $USDT from WOO’s hot wallet, with additional $ETH.
The full $1M in… pic.twitter.com/XSvuwCOsZ7
Cyvers even detailed how one ETH address took $1 million in USDT, converted it to ETH, and shuffled $7.3 million to another address. On BNB Chain, they saw 5 BTCB being swapped for BNB and transferred off to yet another fresh wallet. If it sounds like a game of "Where’s the Crypto?" — well, that’s pretty much it.
WOO X Promises Updates
So, WOO X is still on the case and promised to keep us posted once withdrawals are back. They’re sticking to their story that only a small number of accounts were hit, but they’re still being a bit tight-lipped on the attack vector. What’s clear, though, is that they’re committed to making things right, but users are left waiting for more details. We’ll see if the promised updates actually come through.
Alex Shepel
Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that despite the nature of much of the material created and hosted on this website, HODL FM is not a financial reference resource, and the opinions of authors and other contributors are their own and should not be taken as financial advice. If you require advice. HODL FM strongly recommends contacting a qualified industry professional.
