It seems that almost daily, crypto-related firms are exploited by malicious actors.
A cybersecurity breach targeted Huobi Global's cryptocurrency exchange HTX, leading to a loss of $7.9 million in digital assets.
According to the blockchain analytics firm Cyvers, the incident unfolded in the morning of September 24th, when 4,999 Ether (ETH), roughly equivalent to $7.9 million, was transferred from Huobi's suspected hot wallet to an unidentified address. It is worth noting that this address had no previous activity or transactions.
Did you know?
Want to get smarter & wealthier with crypto?
Subscribe - We publish new crypto explainer videos every week!
How to Store NFTs in 2023 (3 Most Secure Ways Explained)
Shortly after, another wallet linked to Huobi communicated with the perpetrator. The wallet, verified as belonging to Huobi, is also listed on Huobi's support page.
The hot wallet sent a message in Chinese to the attacker, saying:
We have confirmed your true identity. Please return funds to 0x18709E89BD403F470088aBDAcEbE86CC60dda12e. We will provide you with a 5% white hat bonus. This offer is valid for 7 days and ends on October 2nd, 2023. If you do not return the funds by the deadline, we will request judicial intervention.
An investor in Huobi Global, Justin Sun, confirmed the security breach on September 25th. He assured the public that all user funds are secure and that the crypto exchange has taken immediate measures to address the situation.
Cyvers disclosed the breach in a report released a day after the incident. This is just one of multiple security issues haunting cryptocurrency exchanges in 2023. Many of these attacks are suspected to be the work of the North Korean-affiliated Lazarus Group, which has been blamed for the CoinsPaid heist and Stake exploit.
The recent hack targeting Huobi Global is part of an alarming trend of cybersecurity breaches affecting cryptocurrency exchanges. However, quick actions have been taken to mitigate losses and secure user funds. As the crypto exchange offers a "white hat bonus" for the return of stolen funds, it remains to be seen whether the attacker will comply before judicial action is undertaken.
