Huobi Global’s HTX crypto exchange was hacked on Sept. 24, according to a report from blockchain analytics platform Cyvers. A total of $7.9 million of crypto has been drained in the attack.
A known Huobi hot wallet posted a message to the attacker in Chinese. According to the message, the exchange knows the identity of the attacker and has offered to let them keep 5% of the drained funds as a “white-hat bonus,” but only if the attacker returns the remaining 95%.
Red CodeYesterday, our ML-powered system detected a suspicious transaction involving @HuobiGlobal and @HTX_Global.
Despite our attempts to reach out, we received no response. An EOA received 5K $ETH $7.9M from @HuobiGlobal‘s hot wallet.
This morning, we spotted… pic.twitter.com/3oqHhAVi8P
— Cyvers Alerts (@CyversAlerts) September 25, 2023
On Sept. 24 at 10:00 am UTC, the suspected Huobi hot wallet 0x2Abc22eb9A09EbBE7b41737CCde147F586EfeB6A sent 4,999 Ether (ETH), worth approximately $7.9 million, to an address which had no previous history. The following morning, a separate wallet belonging to Huobi sent a message to the attacker in Chinese. It stated (according to a Google translation):
We have confirmed your true identity. Please return funds to 0x18709E89BD403F470088aBDAcEbE86CC60dda12e. We will provide you with a 5% white hat bonus. This offer is valid for 7 days and ends on October 2, 2023. If you do not return the funds by the deadline, we will request judicial intervention.
Cyvers reported the attack on Sept. 25. The wallet that sent the message is identified as a Huobi hot wallet by blockchain analytics platform Arkham Intelligence. According to Cyvers, the wallet that sent the message is listed on a Huobi support page as belonging to the exchange.
Huobi Global investor Justin Sun confirmed the attack on the morning of Sept. 25, stating: “HTX @HTX_Global has suffered a loss of 5,000 #Eth ($8 million USD) due to a hacker attack.” Sun claimed that user funds are safe and the exchange is now functioning normally. “HTX has fully covered the losses incurred from the attack and has successfully resolved all related issues,” he declared.
Crypto exchanges have been plagued by a series of hacks in 2023, many of which are believed to be caused by the North Korean affiliated Lazarus Group. The group has amassed $40 million in Bitcoin from the attacks over the course of the year.
Update (September 25, 3:30 pm UTC ): This article has been updated to include a statement from Huobi investor Justin Sun.