The attacker who stole around $8 million worth of Ether from HTX (formerly Huobi) has finally decided to return the funds, or around 5,000 ETH. HTX has welcomed the attacker’s decision and sent him a bounty of 250 Ether, while requesting a report on the security vulnerability to prevent such an incident from happening again.
HTX gets its $8 million back
2 weeks after HTX (formerly Huobi) confirmed via Justin Sun that one of its hot wallets had been compromised to the tune of $8 million in the form of Ether, we learn that the attacker has finally agreed to return the full amount of the funds, i.e. around 5,000 ETH.
It looks like the HTX/Huobi hacker has returned the funds (4997 ETH)
0x48bd1179529343c7a970045290fd2b0b1d946f64e17c443a528e24bf7cdbb817 pic.twitter.com/MknehuhM6x
– ZachXBT (@zachxbt) October 7, 2023
HTX told the hacker via an on-chain message that he “had made the right choice” and that a bounty had been sent as a result, as the exchange had promised:
” You’ve made the right choice. We have already paid the white hat premium to 0x1Fc8674A51D6b97C968BE384337519CE7003152B. Please submit a security vulnerability analysis report to htxsafe@htx-inc.com so that we can avoid similar incidents in the future. Your privacy will be protected. “
At the time of the incident, HTX had claimed that it had been able to identify the hacker’s identity, and that this would be passed on to the authorities if the individual refused to return the funds. At the same time, Justin Sun was keen to put the situation into perspective, pointing out that the $8 million was more or less the amount of revenue generated by HTX in 2 weeks.
HTX had also indicated that the individual could eventually be hired by the exchange thanks to his skills. However, we don’t know whether the individual concerned has decided to follow up on this offer. In any event, he will have received a bonus of 250 ETH, or around $410,000 at the current Ether rate.
In an on-chain message sent to HTX, the hacker indicated that the attack was the result of an exchange private key leak.
Hacks on the rise in the quarter
According to DefiLlama data, September was the worst month for the cryptocurrency ecosystem in terms of the amount stolen through attacks. This was due in particular to the $200 million hack of the decentralized Mixin Network, already one of the largest in history, alongside those of Wormhole and Euler Finance.
Amounts stolen monthly in the crypto ecosystem since the beginning of 2023
More globally, the quarter encompassing July, August and September saw an increase in the total stolen amount of around 153% compared to the same period last year. Last year, 30 attacks were recorded in this quarter, compared with 76 today – more than double. In this quarter of 2023, 30% of recorded attacks are attributed to the North Korean hacker group Lazarus Group, according to a report by Immunefi.
In any case, regarding the recent attack on HTX, Justin Sun indicated that “providing complete security for user assets” still remained a priority and an objective to be achieved.
