The exchange has already received the funds back. The hacker received a 5% white-hat incentive, or a remuneration of 250 ETH for restoring the funds, as well as a job offer to work as a white-hat security adviser.
Huobi Global‘s HTX crypto exchange has confirmed a refund of the funds stolen in September. The total sum of the refund has amounted to $8.2 million worth 4,999 Ethereum (ETH). Seems that the company has negotiated with the hacker, and as a result of the talks, the hacker made “the right choice” agreeing to give back the funds stolen. Notably, HTX has offered a 5% white-hat incentive, or a remuneration of 250 ETH to the hacker for restoring the funds.
HTX advisor Justin Sun took to the X platform to share the news.
We have confirmed that the hacker has fully returned all funds, as promised, and we have also paid the hack a white hat bonus of 250 ETH. The hacker made the right choice. We would like to express our gratitude to everyone in the industry for their help!
— H.E. Justin Sun 孙宇晨 (@justinsuntron) October 7, 2023
Apart from the Whitehat incentive, the hacker was also offered a job opportunity as a white-hat security adviser in exchange for a prompt and voluntary return.
Justin Sun stated:
“Strengthening blockchain security and protecting user assets is never an easy task, and we have been working tirelessly! Providing full security for user assets is always our goal to strive for! We are thankful for the continued support of our users and community!”
On September 24, a crypto security organization CyversAlerts reported the cyberhack, referring to the vulnerability in one of HTX’s hot wallets as a reason behind it. According to CyversAlerts, the funds were sent to an address that had no previous history. The attacker was promptly identified, and an attractive proposal was sent to them by a separate wallet belonging to Huobi. In particular, the exchange offered to allow the hacker to keep 5% of the stolen funds as a “white-hat bonus” if they chose to return the remaining 95% and not reveal the attacker’s identity. Notably, the deadline for the offer’s validity was until October 2, for the hacker to return the funds. The message was written in Chinese.
The exchange has already received the funds back.
Surge of Hack Attacks
The rapid development of modern technologies not only offers multiple benefits and simplifies our lives but also opens opportunities for hackers to illegally get access to someone’s data. Back in 2020, cyber-attacks were rated the fifth top-rated risk, becoming the new norm across public and private sectors. In 2023, this trend will continue, and the number of attacks will grow. So far, there have been 838 cyber attacks recorded this year, and 71 of them took place in September alone.
The biggest hack attack reported last month led to a loss of $200 million in crypto assets of the decentralized finance (DeFi) project Mixin Network. As we have reported, Mixin had $94.48 million worth of Ether (ETH), $23.55 million in Dai (DAI), and $23.3 million in Bitcoin (BTC) during the hack. The combined value of this portfolio thus reached $141.32 million. Similar to Huobi, Mixin Network offered a $20 million bug bounty if the hackers returned the funds, however, the chances of getting the refund are low.
Vitalik Buterin, Ethereum’s co-founder, also suffered a data breach. Malicious actors gained control of his X (formerly Twitter) account and used it to publish a post claiming to celebrate the arrival of “Proto-Danksharding coming to Ethereum”. They also posted a malicious link that falsely promoted free non-fungible tokens (NFTs).