On September 24, 2023, Huobi Global’s HTX crypto exchange fell victim to a hack, resulting in the loss of $7.9 million in cryptocurrency, as reported by blockchain analytics platform Cyvers. However, the exchange has taken an unusual approach in response to the attacker.
At 10:00 am UTC on September 24, a suspected Huobi hot wallet, identified as 0x2Abc22eb9A09EbBE7b41737CCde147F586EfeB6A, sent 4,999 Ether (approximately $7.9 million) to an address with no prior transaction history. This set off alarm bells within the cryptocurrency community.
Unique Response from Huobi
In an intriguing twist, a Huobi wallet, separate from the compromised one, reached out to the attacker with a message in Chinese. This message, translated using Google, revealed that Huobi believes it knows the identity of the attacker. The exchange offered a deal: if the attacker returns 95% of the stolen funds, they would receive a “white-hat bonus” of 5%.
The message from Huobi read, “We have confirmed your true identity. Please return funds to 0x18709E89BD403F470088aBDAcEbE86CC60dda12e. We will provide you with a 5% white hat bonus. This offer is valid for 7 days and ends on October 2, 2023. If you do not return the funds by the deadline, we will request judicial intervention.”
Confirmation and Reassurance
The attack was reported by Cyvers on September 25, and Huobi Global investor Justin Sun confirmed the breach on the same day. Sun stated that HTX had lost 5,000 Ether (equivalent to $8 million USD) due to the hacker’s actions. He also reassured users that their funds were secure and that the exchange was operating normally. According to Sun, HTX had already covered the losses from the attack and resolved all related issues.
Ongoing Threat of Hacks
This incident adds to the list of cryptocurrency exchange hacks in 2023, many of which are attributed to the Lazarus Group, a North Korean-affiliated hacking group. These attacks have netted the group around $40 million in Bitcoin throughout the year, highlighting the persistent threat posed to the cryptocurrency industry by cybercriminals.