A Sudden Heist
In the waning days of September, HTX, previously known as Huobi’s global exchange, faced a significant breach. The assailant managed to siphon off a staggering 4,997 ETH, equivalent to roughly $7.9 million, directly from the exchange’s hot wallet. Justin Sun, the CEO of HTX, promptly identified the hacker and proposed a deal: return the stolen assets within a week and receive a 5% white-hat bounty, all while avoiding any legal repercussions.
The Aftermath and Assurance
In the immediate aftermath of the breach, Sun took to the community to assuage concerns. He confirmed that the stolen ETH was fully compensated by the exchange’s reserves, ensuring that user assets remained secure. Sun emphasized, “HTX has fully covered the losses incurred from the attack and has successfully resolved all related issues. All user assets are #SAFU, and the platform is operating completely normally.” To put things into perspective, the stolen $8 million is a mere fraction compared to the $3 billion in assets held by HTX users, equating to just two weeks of the exchange’s revenue.
While the funds were secured, the pursuit of the hacker was in full swing. Sun’s ultimatum to the hacker was clear: return the stolen funds within a week. Although the hacker missed this deadline, it’s speculated that negotiations were ongoing, with the hacker possibly seeking assurances against prosecution.
A Surprising Resolution
As of yesterday afternoon, a significant development emerged. The stolen funds were fully restored to the exchange’s hot wallet, as evidenced by on-chain data. This return was corroborated by both security researcher ZachXBT and Sun. From my point of view, what’s intriguing is the sequence of transactions. The entire stolen amount was returned first, after which HTX transferred the promised bounty to the hacker. Sun remarked, “We have confirmed that the hacker has fully returned all funds, as promised, and we have also paid the hacker a white hat bonus of 250 ETH. The hacker made the right choice.”
Typically, in such arrangements, the hacker retains the promised bounty and sends back the remainder. As I see it, the full return before receiving the bounty might have been a strategic move by the hacker to eliminate any potential legal threats, proving they no longer held any of the stolen assets.
Concluding Thoughts
This incident serves as a testament to the evolving dynamics between hackers and institutions. While the initial act was malicious, the resolution showcased a cooperative spirit, possibly hinting at a future where hackers and companies can find common ground. However, it’s essential to remain vigilant and prioritize security, ensuring such breaches are a rarity.