1. Home
  2. Poloniex hack

Poloniex hack

Crypto exchange HTX see outflows top $258M following exploit

The Justin Sun-linked crypto exchange HTX has witnessed $258 million in outflows in the wake of a $30 million exploit in November.

Crypto investors have been moving their assets away from crypto exchange HTX (formerly known as Huobi) following a Nov. 22 exploit that saw the exchange pause its services and lose a total of $30 million. 

Between Nov. 25 — the day that HTX resumed its services — and Dec. 10, the exchange witnessed some $258 million in net outflows, according to data from DefiLlama.

DefiLlama data shows HTX’s reserves comprise 32.3% Bitcoin (BTC) and 31.8% Tron (TRX). TRX is the native currency of the Tron network, a blockchain launched by Sun in 2017.

Read more

From Ethereum’s Debut to the Future of Web3: The Legacy of WAGMI

Poloniex says hacker’s identity is confirmed, offers last bounty at $10M

A community member questioned why Poloniex needed to send an on-chain message in 15 different languages if the hacker’s identity was truly confirmed.

Crypto exchange Poloniex recently posted a message to the hacker responsible for stealing over $100 million in digital assets from one of its wallets, saying that it has identified the person and is giving the perpetrator a chance to return the assets in exchange for a $10 million bounty. 

An on-chain message shared by blockchain security firm PeckShield on social media shows Poloniex’s message to the hacker. According to the exchange, it has already confirmed the hacker’s identity. The exchange further highlighted that it is working with various law enforcement agencies from the United States, Russia and China.

Furthermore, Poloniex mentioned that the stolen funds are already marked and cannot be used. Even though it confirmed the hacker’s identity, the exchange gave the hacker a chance to return the funds by Nov. 25 and get a $10 million white hat reward. However, if the funds are not returned, police forces will take action.

On-chain message from Poloniex to the hacker. Source: PeckShield

While the message indicates that the hacker is identified, some community members are unconvinced about the new development. In a post on X (formerly Twitter), a community member said that the exchange wouldn’t need to involve the police in three different countries and send the same message in 15 different languages if the hacker is already identified. 

Related: Exploits, hacks and scams stole almost $1B in 2023: Report

The hack happened earlier in November when a crypto wallet belonging to Poloniex had suspicious outflows. On Nov. 10, various blockchain security firms determined that more than $100 million was drained from the exchange’s wallet

In response to the attack, Poloniex disabled the wallet for maintenance. In addition, the exchange also offered a 5% bounty for the return of the funds. On Nov. 15, the exchange resumed withdrawals after enlisting the help of a security auditing firm to enhance its security.

Magazine: $3.4B of Bitcoin in a popcorn tin: The Silk Road hacker’s story

From Ethereum’s Debut to the Future of Web3: The Legacy of WAGMI

Poloniex exchange suffers $100M exploit, offers 5% bounty

Over $100 million in digital assets were transferred from a wallet belonging to crypto exchange Poloniex in what security firms believe to be a massive hack.

A crypto wallet belonging to the digital asset exchange Poloniex has experienced suspicious outflows, as seen on blockchain explorer Etherscan. Blockchain security firms believe that the company was breached, leading to as much as $100 million in crypto being drained by the attackers. 

On Nov. 10, millions of crypto assets were transferred from an account labeled Poloniex 4 on Etherscan. Initial estimates of the losses were around $60 million. However, it was later determined that, according to blockchain security firm CertiK, the incident was likely a "private key compromise." The security firm also noted that the funds have already been transferred to four externally owned accounts (EOAs), with some accounts being swapped into Ether (ETH).

In response to the suspicious outflows, the exchange disabled the wallet. However, the exchange has not yet posted an official statement regarding the hack. Cointelegraph also reached out to Poloniex but did not get an immediate response. 

While the exchange has not published an official statement yet, Justin Sun, who acquired the exchange in 2019, posted on X (formerly Twitter) that the team is already investigating the hacking incident. According to Sun, they will fully reimburse the users affected by the breach. The executive claimed that the exchange "maintains a healthy financial position" and is looking for collaborations with other exchanges to recover the lost funds. 

Related: Exploits, hacks and scams stole almost $1B in 2023: Report

Sun also offered a 5% white hat bounty to the Poloniex hacker. The executive said that they will give the attacker seven days to return the funds before they start working with law enforcement authorities. 

Meanwhile, despite being hit with a negative incident, Tron (TRX), another of Sun’s crypto projects, has seen a 20% increase in price, according to digital asset information tracker CoinGecko. The cryptocurrency went from trading for $0.09 to $0.11 on the same day as the hack. 

Magazine: $3.4B of Bitcoin in a popcorn tin: The Silk Road hacker’s story

From Ethereum’s Debut to the Future of Web3: The Legacy of WAGMI