Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
On September 25th, Cyvers Alerts tweeted that a certain EOA address received 5000 ETH from HTX yesterday, and this morning, they noticed that HTX had conducted a hot wallet migration. It has been confirmed that one of HTX's hot wallets was compromised, resulting in a loss of 8.2 million USD, and the hacker's address has been disclosed. HTX has issued a public statement on the blockchain, addressing the hacker and offering a 5% white hat bonus if the stolen funds are returned by October 2nd; otherwise, they will transfer the information to law enforcement authorities for further action and to prosecute the hacker. Justin Sun also stated that HTX has fully covered the losses incurred from the attack and has successfully resolved all related issues. All user assets are safe and the platform is operating completely normally. On October 7, the HTX attackers returned 4,999 ETH (about $8.2 million) of the stolen funds. Attack method (per SlowMist): Unknown. Reported loss: $ 8,200,000.
- chain
- —
- protocol
- HTX
- bug_class
- private-key
- date_occurred
- 2023-09-24
- loss_usd
- $8,200,000
- source_id
- sm:htx::2023-09-24