$8M HTX Exploit Confirmed: Attacker Offered Bounty and Security Advisor Role for Fund Return

By: Eliza Bennet

Cryptocurrency entrepreneur and HTX global adviser Justin Sun has confirmed an exploit that cost the exchange $7.9 million. The hack, initially reported by Web3 security firm Cyvers, was detected via a suspicious transaction involving the exchange on Sept. 24. An externally owned account (EOA) was found to have received 5,000 ETH from the exchange’s global wallet, valued at $7.9 million.

Despite the significant loss, Sun assured users that their assets were secured, as the stolen amount only represents a relatively small portion compared to the $3 billion total held by their users. This amount also equates to just two weeks' revenue for the HTX platform. Cyvers claimed they received no response from HTX when they reported the incident, but Sun stated the platform had detected the hack immediately and took action to mitigate further loss.

In a novel approach to deal with the mishap, HTX has offered 5% of the stolen amount ($400,000) as a 'white hat' reward for the hacker to return the funds. The platform has even offered the attacker a position as a security white hat advisor, further encouraging the return of the stolen funds. The exchange warned that if the funds were not returned within seven days, they would resort to law enforcement. The exchange and its offers have received public support, with Binance CEO Changpeng Zhao stating his platform would cooperate with HTX in tracking hacker funds.