On the evening of October 7, 2023, HTX Exchange Advisor, Justin Sun, confirmed the return of the entire hacked amount and awarded a 250 ETH bug bounty to the hacker at the designated address.
Earlier on September 24, the blockchain analysis platform Cyvers discovered a suspicious transaction in which 5,000 ETH from Huobi Exchange’s hot wallet was transferred to an unfamiliar address. Subsequently, this wallet sent 1,000 ETH to a third-party address to distribute the assets.
Immediately, HTX Exchange sent a message to the hacker, allowing them to retain 5% of the stolen funds as a bug bounty reward, on the condition that the payment be made by October 2. The exchange claimed to have identified the hacker’s identity and promised to report the case to law enforcement when the deadline expired.
There are currently various theories about the hacker’s identity and how they targeted HTX, with some suggesting that it may be the actions of a current or former employee of the exchange. However, no confirmation has been provided by the involved parties thus far.
This incident follows another security breach reported by CyversAlerts two weeks prior, involving CoinEx. Just a few days later, the decentralized cross-chain protocol Mixin Network was also attacked, resulting in the loss of $200 million. A series of such attacks is raising concerns about the safety of cryptocurrency exchanges.