Huobi Global’s cryptocurrency exchange HTX encountered a significant security breach on September 25, when one of its hot wallets was compromised and drained of 5,000 Ether (ETH), which was valued at approximately $8 million at the time. This incident was part of a broader trend of increasing security breaches within the cryptocurrency and Web3 spaces during the third quarter of 2023. However, the narrative took a positive turn on October 7, when the hacker returned the stolen funds. Following this action, HTX issued a 250 ETH whitehat bounty to the individual, which, with an exchange rate of $1,621 per ETH, is valued at around $410,000.
The Bounty Offer
In the aftermath of the hack, HTX promptly initiated communication with the hacker. The exchange claimed to be aware of the individual’s identity and proceeded to offer a 5% bounty of the stolen funds, which equates to around $400,000, under the condition that 95% of the stolen funds were returned before a set deadline of October 2. Additionally, it was agreed that HTX would abstain from pursuing any legal action against the hacker if the stipulated conditions were met, thus providing an incentive for the hacker to return the stolen assets.
The return of the stolen funds and the subsequent bounty reward were publicly acknowledged by Justin Sun, Huobi Global owner, on October 7 through a post on X (formerly Twitter). Sun expressed that “The hacker made the right choice. We would like to express our gratitude to everyone in the industry for their help!” He also underlined the persistent endeavor to bolster blockchain security and ensure the protection of user assets, a task that he described as never easy but crucial for the industry. His acknowledgment was echoed across the community, emphasizing the collaborative nature of blockchain security endeavors and the importance of community support in overcoming such security challenges.
The incident with HTX is a part of a larger hacking landscape that has seen a significant uptick in the third quarter of 2023. A recent report from blockchain security platform Immunefi highlighted a sharp rise in the number of hacking incidents, with 76 reported hacks in Q3 2023 as compared to 30 in Q3 2022. The same week HTX was targeted, another notable project, the decentralized cross-chain protocol Mixin Network, also suffered a security breach. Attackers exploited a vulnerability associated with a third-party cloud service provider and managed to siphon off around $200 million. These incidents underscore the pressing need for enhanced security measures within the rapidly evolving crypto and Web3 spaces, and the HTX incident serves as a unique case of community and hacker collaboration towards a resolution.
Image source: Shutterstock