Crypto News

Crypto Exchange HTX, Formerly Known as Huobi Hacked

huobi hacked

Content Guide

The crypto exchange HTX, formerly known as Huobi, experienced a security breach resulting in the loss of 5,000 Ether (ETH) equivalent to $8 million USD, according to a series of posts on social media platform X by Tron founder, Justin Sun.

Discovery of the Breach

Justin Sun, an advisor to HTX and the face behind the Tron network, disclosed the security breach on the platform, explained that despite the substantial loss, the user funds on the exchange remained unharmed, and the platform continued its normal operations. The hack was detected immediately, and a quick action was undertaken to safeguard the funds, maintaining the security of user assets.

HTX acted promptly to counter the losses incurred from the attack, ensuring the resolution of all related issues, and the security of user assets was declared. Sun’s posts indicated, “All user assets are SAFU, and the platform is operating completely normally.” He went on to reassure users by putting the loss in the context of the platform’s total assets and revenue, which dwarf the amount lost to the hacker.

Hackers’ Ethereum Addresses Exposed

Sun, in a move to trace the stolen amount, shared the Ethereum addresses associated with the hackers as “0xdb1” and “0x799,” with approximately $6.3 million located in the “0xdb1” wallet. He highlighted that “$8 million represents a relatively small sum in comparison to the $3 billion worth of assets held by our users,” and compared it to two weeks’ revenue for the HTX platform.

To incite the return of the stolen funds, HTX is offering a white hat incentive, constituting 5% of the stolen amount ($400,000). Sun expressed hopes that this reward would persuade the hacker to return the funds and mentioned the possibility of hiring the individual as a security consultant, upon the return of the money – tho, failure to return the funds within seven days would lead to legal repercussions, with the company submitting the information to law enforcement agencies.

A Pattern of Exchange Breaches

The security breach at HTX wasn’t a solitary incident; another decentralized exchange, Mixin, also suffered a recent security breach, with losses amounting to $200 million in cryptocurrency assets. These instances have sparked discussions around the security protocols of crypto exchanges and the need for reinforced protective measures.

Words on Twitter/X

Cyvers Alerts, a security platform, raised alarms about the HTX security breach even before it gained public attention. Via their official Twitter handle @CyversAlerts, they broadcasted a “Red Code” alert detailing their Machine Learning-powered system’s detection of a suspicious transaction involving @HuobiGlobal and @HTX_Global. Despite their immediate efforts to notify the concerned parties about the suspicious activity, their outreach received no response. “An EOA received 5K $ETH $7.9M from @HuobiGlobal’s hot wallet,” the tweet reported, referring to an Externally Owned Account, a term used in the Ethereum network to denote accounts controlled by private keys.

Further investigation by Cyvers Alerts in the morning following the alert revealed a hot wallet migration by @HTX_Global, as was noted on HTX’s support page, corroborating the suspicion of a compromised hot wallet and a loss amounting to $7.9M. The details of the hacker’s address were provided with a link to Etherscan for users to verify. Interestingly, @HuobiGlobal’s offer of a 5% white hat bonus to the hacker was also noted in the tweet, available via another Etherscan link, albeit in Chinese.

Crypto Twitter of course had comments on the hack as well. Adam Cochran (@adamscochran) further shed light on the situation through his tweet, mentioning that HTX realized their hot wallet had been compromised.

Cochran emphasized the lack of immediate alert to the users and speculated that the breach, facilitated by a direct compromise of the hot wallet key, might have been ongoing for a while, given it was a straight send.

Whats your thoughts on the Huobi accident? Let us know on our official Twitter/X channel:


Related Posts