Huobi’s Hot Wallet Reportedly Drained of $7.9 Million – What Happened?

Global cryptocurrency exchange Huobi was the victim of a cyberattack that resulted in the theft of 5,000 ETH worth approximately $7.9 million. 

CyversAlerts, a reliable crypto security company, was the first to report the attack. 

The blockchain firm stated that the attack was successful due to a compromise in one of Huobi’s hot wallets. Hot wallets are easily accessible cryptocurrency wallets connected to the internet. 

🚨Red Code🚨Yesterday, our ML-powered system detected a suspicious transaction involving @HuobiGlobal and @HTX_Global.
Despite our attempts to reach out, we received no response. An EOA received 5K $ETH $7.9M from @HuobiGlobal's hot wallet.

🔍 This morning, we spotted… pic.twitter.com/3oqHhAVi8P

— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) September 25, 2023

Huobi Global investor Justin Sun also confirmed the attack on X earlier today, September 25, 2023. 

HTX @HTX_Global has suffered a loss of 5,000 #Eth ($8 million USD) due to a hacker attack. HTX has fully covered the losses incurred from the attack and has successfully resolved all related issues. All user assets are #SAFU and the platform is operating completely normally.

— H.E. Justin Sun 孙宇晨 (@justinsuntron) September 25, 2023

Per the reports from CyversAlerts, the global exchange seems to have detected the crypto wallet address used and the identity of the criminals involved. As a result, they have contacted the culprits with an interesting proposition. 

Huobi sent a transaction to the hacker’s wallet address with a message, per details on Etherscan.

They informed the culprits that they knew their identity and demanded the return of funds within a specific timeframe. 

Huobi has promised to reward the cybercriminals with a 5% bonus for the stolen funds – about $395K. In addition, the exchange is planning to hire the hacker as a security consultant, as confirmed by Sun on X. 

However, failure to return the stolen funds within the timeline would lead to Huobi involving law enforcement. 

Could This Be Another Strike By the Lazarus Group?

Crypto exchanges have been a profitable cyber-attack target due to their weak security architecture and because they hold large crypto funds. 

According to Crystal Blockchain report, approximately $16.7 billion in cryptocurrencies was stolen between January 2011 and February 2023. 

A series of hacks have been recorded in the crypto landscape, which is believed to be caused by the Lazarus Group, a popular cyberattack organization affiliated with North Korea. 

On September 11, popular blockchain security platform CertiK announced that the North Korean hacker’s group was responsible for pilfering $41 million from Stake online casino. 

The firm further cited that 520,000 MATIC tokens worth over $266,000 were swapped and bridged to the Avalanche blockchain by the same Stake attacker, the Lazarus Group. 

#CertiKSkynetAlert 🚨

We are seeing a further movement of funds from the Stake exploiter.

520k MATIC was swapped and bridged to Avalanche before being bridged to BTC as per other fund movements from the exploiter.

See more on Skynet 👇https://t.co/Sdsfh29AoF

— CertiK Alert (@CertiKAlert) September 11, 2023

Twelve days after the Stake online casino was hacked, Huobi might be the latest victim. 

While no evidence yet connects the exchange attack to the North Korean cyberattack group, the coming days will provide much-needed clarity.