In late September, HTX, the rebranded global exchange of Huobi, fell victim to an attack that resulted in a loss of nearly $8 million.
The attacker managed to steal 4,997 ETH, equivalent to about $7.9 million, from the exchange’s hot wallet. HTX CEO Justin Sun promptly identified the attacker and offered a 5% white hat bounty if the funds were returned within a week. He also assured the attacker that no legal action would be taken in return.
Funds Covered By The Exchange
Hours after the attack, Sun announced that all stolen ETH had been reimbursed from the exchange’s reserves.
“HTX has fully covered the losses incurred from the attack and has successfully resolved all related issues. All user assets are safe, and the platform is operating normally. The $8 million loss is relatively small compared to the $3 billion worth of assets held by our users. It is also equivalent to just two weeks’ revenue,” said Sun.
However, efforts to apprehend the attacker were already in progress.
Although Sun had initially given the attacker one week to return the funds, the deadline was missed by nearly a week, possibly due to the attacker seeking guarantees that they would not face prosecution.
Funds Returned In Full
Yesterday, the funds were returned to the exchange’s hot wallet as confirmed by on-chain data.
It looks like the HTX/Huobi hacker has returned the funds (4997 ETH)
0x48bd1179529343c7a970045290fd2b0b1d946f64e17c443a528e24bf7cdbb817 pic.twitter.com/MknehuhM6x
— ZachXBT (@zachxbt) October 7, 2023
The transaction was confirmed by security researcher ZachXBT and Sun himself.
It is worth noting that the entire amount was returned before the bounty was given to the hacker.
“We have confirmed that the hacker has fully returned all funds, as promised, and we have also paid the hacker a white hat bonus of 250 ETH. The hacker made the right choice. We would like to express our gratitude to everyone in the industry for their help!”
Typically, in such cases, the attacker keeps the promised bounty and returns the rest of the funds. It is unclear why the entire amount was returned before the hacker received the bounty. This may have been done to eliminate any possibility of a future lawsuit as the attacker can now prove that they no longer have control over any stolen funds.
Image Source: Sergey Nivens / Shutterstock