In late September, HTX found itself grappling with a considerable setback as a hacker managed to siphon off a staggering 5,000 ETH from its coffers. The situation demanded swift action, and the crypto exchange juggernaut, Huobi Global, rose to the occasion. Remarkably, HTX not only succeeded in reclaiming the pilfered funds but also demonstrated its unwavering commitment to cybersecurity by offering a generous 250 Ether reward to those who aided in resolving this intricate conundrum.
The narrative unfolds on September 25, a day etched in HTX’s history when one of its hot wallets fell victim to the cunning exploits of the hacker. The stolen 5,000 ETH, valued at approximately $8 million at the time, cast a looming shadow over the exchange. Yet, HTX did not falter. In a bold move, they reached out to the hacker, asserting their knowledge of the perpetrator’s identity.
As the saga unfolded, HTX extended an olive branch, proposing a unique resolution. They offered to dispense a 5% bounty, a princely sum of roughly $400,000, and vowed to refrain from pursuing legal action if the hacker would willingly return 95% of the misappropriated funds before the October 2 deadline. A gamble, some would say, but one that bore fruit.
Fast forward to October 7, a day when jubilation rippled through the Huobi Global community. In a tweet, Justin Sun, an influential investor and trusted adviser of HTX, celebrated the hacker’s decision to make amends. He stated, “The hacker made the right choice. We would like to express our gratitude to everyone in the industry for their help!” It was a moment of triumph, a testament to the tireless endeavors of the cybersecurity guardians.
Justin Sun further emphasized the exchange’s relentless commitment to bolstering blockchain security and safeguarding user assets, acknowledging that it was no easy feat. With humility, he extended heartfelt gratitude to the loyal users and the steadfast community that stood by them throughout this trying episode.
This incident was not isolated, for the third quarter of 2023 had witnessed an alarming surge in hacker activities. A report from the esteemed blockchain security platform, Immunefi, revealed a staggering 76 cyber intrusions targeting crypto and Web3 projects and corporations during Q3 2023, a stark contrast to the 30 incidents recorded in the same period the previous year.
In a chilling coincidence, Mixin Network, a decentralized cross-chain protocol, found itself ensnared in a similar predicament during the same week as HTX’s ordeal. A ruthless band of attackers exploited a vulnerability linked to a third-party cloud service provider, leading to a loss of approximately $200 million. In an act of desperation, Mixin Network extended a tantalizing $20 million bug bounty to entice the return of the pilfered funds, although the odds of recovery appeared to be diminishing by the day.
On October 6, Anne Neuberger, the United States deputy national security adviser for cyber and emerging technology, raised concerns of a disconcerting possibility. She suggested to Bloomberg that the malevolent hand of North Korean hackers may be at play in the Mixin Network breach. With a hint of dread, she remarked, “The tradecraft appears to be the same kind of tradecraft we’ve seen from the DPRK previously.”
