On September 24th, 2023, Huobi Global's HTX exchange fell victim to a security breach, resulting in a substantial loss of $7.9 million. This incident stemmed from the compromise of the protocol’s hot wallets.
What is Huobi?
Huobi, founded in China, stands as a centralized hub for digital asset exchanges, boasting a global presence across more than 100 nations. According to Huobi’s adviser Justin Sun, the platform currently holds assets valued at nearly $3 billion on behalf of its users, of which a relatively modest sum of $8 million was stolen in this recent breach.
Response to the Incident
In response to this unfortunate event, Justin Sun took to Twitter to publicly disclose the hack, revealing that a total of 5000 ETH had been pilfered. HTX swiftly assumed full responsibility for the losses incurred during the attack. They successfully navigated the aftermath, promptly resolving all associated issues.
The Growing Threat of Hot Wallet Attack
A hot wallet refers to a digital wallet that maintains a continuous online connection to both the Internet and the cryptocurrency network. These wallets are purpose-built for the seamless sending and receiving of cryptocurrencies, offering real-time visibility into the available token balance.
However, the chief concern surrounding hot wallets centers on their perpetual internet connectivity, rendering them more vulnerable to cybersecurity threats. This susceptibility pertains not only to hot wallets owned by individual users but also to those administered by organizations or exchanges.
To illustrate, cybercriminals can exploit phishing emails as a means to illicitly access an individual's laptop, thereby gaining a foothold that can be used to breach the individual's hot wallet. The looming threat of such attacks underscores the critical necessity of implementing robust security measures to fortify the safeguarding of digital assets.
Merkle Science’s Flow of Funds Analysis
Visualizing the flow of funds with the help of Tracker
- On September 24, 2023, Huobi Global, was hacked for approximately $7.9 million worth of ETH due a to private key leak.
- 5000 ETH were transferred from the protocol hot wallet to an address owned by the hacker
- 1001 eth was transferred to another address Exploiter 2 and with no further movement in funds so far
- Additionally, 80% of the stolen funds are idle in the hacker address 1.
Merkle Science has taken immediate action to ensure that wallets associated with the HTX hack have been tagged across all our tools. This shows direct/indirect exposure to wallets involved in the theft.
Moreover, our forensics tool 'Tracker' has been optimized for investigating DeFi and smart contract transactions with a watchlist feature that notifies users about any incoming/outgoing movement in funds from the attacker's address.