Key Highlights
- A hacker exploited a vulnerability in one of BC.Game’s third-party integrated games, stealing approximately $4.3 million in cryptocurrency funds.
- The attacker used part of the stolen funds (~$1.7M USDC) to open a heavily leveraged short position on Ethereum worth ~$31 million. The trade was liquidated as ETH price rose, resulting in ~$1.53 million in losses.
- BC.Game publicly identified the hacker’s wallet address and announced a $500,000 USD bounty for information leading to identification or asset recovery, asking the community to help trace the funds.
BC.Game, a popular crypto casino platform, has publicly identified a wallet it says belongs to a hacker who exploited the site and then lost heavily in a leveraged Ethereum trade.
The saga begins with the address 0xA5e..80cA receiving roughly 1.7 million USDC, which BC.Game claims was stolen through a vulnerability in one of its third-party integrated games. The total haul from the exploit reportedly reached $4.377 million.
Rather than cashing out quietly, the attacker used the proceeds to open a massive short position on Ethereum (ETH), betting on a price drop with extreme leverage, as noted by EyeOnChain, an X handle monitoring on-chain transactions.
As per the findings, the position involved around 15,457 ETH, valued at approximately $31 million at entry. As ETH’s price climbed, it triggered partial liquidations on the hacker’s short position that eroded the margin. Within about 20 hours, the $1.7 million stack shrank to roughly $171,000, wiping out an estimated $1.53 million in losses.
BC.Games catching the trade
Noting the post by EyeOnChain, BC.Game responded by naming the wallet directly in a post on X, declaring that the funds were “illegal proceeds.” The casino platform offered a $500,000 USD global bounty for credible leads that help identify the perpetrator or recover assets.
BC.Game further highlighted an invite code—MMREFCSI—used during the alleged exploit, suggesting it could serve as a tracing clue for investigators or tipsters. The platform urged players and on-chain analysts worldwide to come forward with information. “BCGAME is now offering a global bounty to all players worldwide for any leads on this address!” the announcement read, emphasizing cooperation with partners and blockchain forensics teams.
Risks in the crypto gambling space
The incident underscores persistent risks in the crypto gambling sector, where third-party game integrations can introduce weak points despite provably fair mechanics on core titles. It also highlights how stolen funds often flow straight into high-risk DeFi or perpetuals trading, a pattern seen in previous exploits where quick flips turn into quick losses.
As the incident gained attention within the crypto community, prominent investigator ZachXBT signaled interest by asking BC.Game to check direct messages for potential submissions, while others joked about “bounty week” or questioned payout reliability.
BC.Game, known for supporting over 100 cryptocurrencies and aggressive marketing in the Web3 space, has faced scrutiny before but maintains strong security features like 2FA and audits. The casino platform has not detailed the exact nature of the third-party vulnerability or named the affected game, likely to avoid aiding copycats while remediation continues.
Also read: Your iPhone Could Be a Crypto Thief’s Target: Google Exposes ‘Coruna’ Exploit Kit
