Turkish cryptocurrency exchange BtcTurk has halted withdrawals amid reports suggesting that the platform has suffered a major loss of funds due to a hack.

Cybersecurity firm Cyvers took to X on Thursday to report that it had detected $48 million worth of digital assets, including Ether (ETH), involved in unusual activity.

“Our system detected multiple alerts across ETH, AVAX, ARB, BASE, OP, MANTLE and MATIC networks,” Cyvers reported, adding that the attacker had moved the assets to two addresses and begun swapping them.

BtcTurk subsequently halted deposits and withdrawals, citing a “technical issue” with hot wallets, reporting that trading and local currency withdrawals and deposits remained intact.

Cold wallet funds are safe, say team

“During inspections conducted on Aug. 14, 2025, unusual activity was detected in our hot wallets. As a precautionary measure, cryptocurrency deposits and withdrawals have been temporarily suspended,” BtcTurk said in a statement shared at 1:17 pm UTC.

BtcTurk highlighted that most exchange assets are held in secure cold wallets, assuring the public that user assets are unaffected by the suspected attack.

Security, Turkey, Hackers, BTCTurk, Hacks, Companies
BtcTurk confirmed that unusual activity on hot wallets was detected on Thursday (Translated by Google). Source: BtcTurk

“While our detailed investigation continues, authorities have been informed and all necessary security measures have been taken,” the exchange said.

Hacker is swapping stolen assets for Ether

Estimates of assets lost in the alleged hack varied across cybersecurity platforms at the time of writing, with platforms like Lookonchain reporting at least $23 million in stolen assets, while CertiK estimated the losses to be worth at least $50 million.

According to Lookonchain, the hacker has started swapping the stolen assets to Ether.

Related: Ether rally turns Radiant Capital exploit into $103M windfall for hacker

CertiK said that the hacked assets have been withdrawn across three wallets, including two Ethereum addresses, 0x7D91D1[...], 0xA041Fe[...], and the Solana (SOL) address 9sjdD9Xg[...].

The past three transactions from 0x7D91D1 address. Source: Etherscan


The swaps from the Ethereum addresses are ongoing by publishing time, with some of the latest transactions involving MetaMask Swaps, according to data from Etherscan.

Thursday’s suspected hack comes just over a year after a June 2024 breach in which BtcTurk reported unauthorized withdrawals from some hot wallets, which led to losses of around $55 million. At the time, Binance CEO Richard Teng said the exchange had frozen more than $5.3 million in stolen funds while assisting the investigation.

In July 2024, BtcTurk’s long-serving CEO Özgür Güneri stepped down after seven years at the helm as the company laid the groundwork for global expansion into markets in Latin America, Africa and the Asia‑Pacific region. BtcTurk founder Kerem Tibuk took over as acting CEO, while Güneri remained on the board.

Magazine: Altcoin season 2025 is almost here… but the rules have changed