Justin Sun confirms $8M HTX exploit; attacker offered 5% bounty and a security advisor role to return funds
HTX extended its offer for a seven-day grace period before turning to law enforcement.
Crypto entrepreneur and HTX global adviser Justin Sun confirmed today that the exchange was compromised in an exploit that resulted in a loss of $7.9 million.
Web3 security firm Cyvers first reported the hack, noting that its system detected a suspicious transaction involving the exchange on Sept. 24. It identified an externally owned account (EOA) that received 5,000 ETH, worth $7.9 million, from the exchange’s global wallet.
Cyvers claimed it received no response from HTX when contacted.
HTX confirms hack
According to Sun, the exchange detected the hack immediately after it occurred and took swift action to prevent losses. He added that the platform had offered 5% of the stolen amount ($400,000 ) as a white hat reward to encourage the hacker to return the stolen funds.
Additionally, the hacker would be hired as a security white hat advisor for HTX if they returned the stolen funds. If the exploiter failed to return the fund within seven days, the exchange threatened to hand over the case “to law enforcement authorities for further action and to prosecute the hacker.”
Sun assured the exchange’s users that their assets were safe as the stolen amount “represents a relatively small sum in comparison to the $3 billion worth of assets held by our users.” He added that the stolen fund also “amounts to just two weeks’ revenue for the HTX platform.”
The exchange sent on-chain messages of its offer to the hacker’s address. The message reads:
“We have confirmed your true identity. Please return the funds to 0x18709E89BD403F470088aBDAcEbE86CC60Dda12e. We will provide you with a 5% white hat bonus. This offer is valid for 7 days, and the deadline is October 2, 2023. If you do not return the funds before the deadline, we will ask the judiciary to intervene.”