The company behind the digital currency Tether has said that close to $31m (£23.4m) worth of its tokens have been stolen.
The Hong Kong-based company said it had taken action to prevent the thieves from redeeming the funds but now required other users to install an update.
It follows a series of other recent scandals involving crypto-currencies.
Bitcoin fell on the news but soon recovered most of its lost ground.
Unlike many digital currencies, which tend to fluctuate wildly against the dollar, Tether is pegged to the US currency.
This is supposed to protect investors from the volatility that can affect Bitcoin, Ethereum, Ripple and Litecoin, while allowing them to take advantage of a Blockchain-based asset suitable for fund transfers.
According to Tether's operator, $30,950,010 worth of tokens were removed from one of the company's core "treasury wallets" and sent to an unauthorised Bitcoin address on 19 November.
"A thorough investigation on the cause of the attack is being undertaken to prevent similar actions in the future," the company said in a statement published on its site.
It added that a software update should "prevent any movement of the stolen coins from the attacker's address" but only if other investors installed it "immediately".
"We appreciate the community's patience, understanding, and support while we work to rectify the situation," it added.
The news site Coindesk reported that several crypto-currency exchanges had taken steps to freeze trade in Tether following the announcement.
Coindesk also reported that Tether had links to Bitfinex - a Hong Kong-based exchange that reported a hack last year blamed for about $65m of losses - although the report added that the "nature of the connection" was unclear.
The BBC has contacted Tether to seek clarification on the matter.
Other recent controversies involving digital currencies include:
- a "code bug" in Ethereum's digital wallets being blamed earlier this month for freezing more than $150m worth of Ether, preventing investors from being able to cash out
- a South Korean exchange, Bithumb, saying that one of its employee's PCs had been hacked in June. Several of its customers reported follow-up scam calls
- another South Korean exchange, Yapizon, being breached in April. Reports have said North Korean hackers are suspected of stealing about $5m worth of funds
- an Israeli crypto-currency trading company, CoinDash, reporting that $7m was stolen from investors in July after its website was breached and an initial coin offering's contact address altered