Why Do You Need To Store Your Private Keys Safety? BtcTurk's Experience

Mila Mostovaya

Security Exchange
Why Do You Need To Store Your Private Keys Safety? BtcTurk's Experience

In the middle of August 2025, BtcTurk, a centralized exchange in Turkey, was hacked by criminals. Interestingly, the attack targeted the exchange's hot wallets, which the fraudsters accessed by stealing private keys. In this article, we are going to discuss how a hack like this was possible and what lessons we can learn from this incident.

Key Takeaways

  • The compromise of private keys was the main reason for the BtcTurk hack: attackers gained access to hot wallets and emptied them
  • The scale of the damage amounted to $48–54 million, with most of the stolen funds being transferred to Ethereum (ETH)
  • The problem of storing large amounts in hot wallets made the exchange an easy target. Such funds should be distributed across cold wallets

How Was BtcTurk Hacked?

The main reason for what happened was weaknesses in BtcTurk's hot wallet security system, especially in the management of private keys. A similar problem had already led to disaster a year earlier: in June 2024, the exchange lost $54 million under similar circumstances.

In both cases, attackers managed to gain unauthorized access to the keys controlling the hot wallets and empty them. In other words, there was likely a leak or compromise of private keys, either through an internal breach or human error.

Moreover, some experts believe that the enormous amount of coins stored in the hot wallets of the exchange became bait for thieves.

External factors, such as the lack of strict regulation, cannot be ruled out. In Turkey, the cryptocurrency sector is still in a gray area, where there are no strict mandatory security requirements for exchanges.

Unfortunately, it is not yet clear how exactly the keys fell into the hands of the attackers, but the fact itself points to serious miscalculations in the handling of sensitive data.

Scale Of Damage

According to estimates, the attackers stole the equivalent of approximately $48–54 million in various cryptocurrencies.

The hackers' main target was Ethereum (ETH) — according to various sources, they gained control of approximately $34–39 million worth of ETH after converting the stolen tokens.

The attackers immediately converted most of the secondary assets into ETH, which is why the majority of the stolen funds is expressed in ether. The remaining assets covered a wide range of networks and tokens. These included, for example, Avalanche (AVAX), Arbitrum (ARB), Base, Optimism (OP), Mantle, and Polygon (MATIC) — from the Ethereum and L2 networks — as well as Solana (SOL) tokens and assets on the BNB Smart Chain network.

No direct financial losses have been reported for BtcTurk users — the exchange has announced that it will cover the losses from its own reserves without affecting customer assets. According to the company, each user's balance remains unchanged, despite the loss of some funds from hot wallets. Nevertheless, indirect damage to customers is evident: at the very least, many experienced stress and uncertainty when the exchange froze crypto withdrawals and deposits during the investigation.

The Bottom Line

Centralized exchanges (CEXs) remain vulnerable crypto services, especially those that operate in the “gray zone” of regulations. This means you should carefully choose platforms to buy, sell, and store coins.

What lessons can we learn from the BtcTurk incident?

📌 Do not store large amounts of coins in hot wallets, even if they are exchange wallets.
📌 Store your private keys in a reliable place.
📌 Use cold wallets if you need to store large amounts of coins.