Blockchain security firms detect suspicious activity on HECO bridge and HTX with initial losses estimated at $110 million weeks after $100 million was drained from Poloniex.
According to data from Cyver Alerts, a suspicious address has received $12 million from HTX cryptocurrency exchange followed by a massive 10,145 ETH from the HECO chain bridge showing signs of another exploit.
🚨Code Red!🚨 (Ongoing)Our AI powered system has detected multiple suspicious transactions from @HECO_Chain bridge
Suspicious address has received around $85M. Suspicious address: https://t.co/JlMClIM7hg
First transaction is 10,145 $ETH from @HECO_Chain bridge to suspicious… pic.twitter.com/IwpqXvhCsU
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) November 22, 2023
Although details are still sketchy at the moment, users have pointed to the hack of Poloniex asking Justin Sun to beef up security. Sun has an interest in both HECO bridge and HTX.
Last year, he integrated TRON and BitTorrent ecosystem with HECO Bridge with similar integrations on Houbi which rebranded as HTX this year to mark its tenth anniversary.
HTX suspends deposits
Sun confirmed the incident on X (Twitter) saying both platforms had witnessed a malicious attack but the company would fully compensate for all losses and has temporarily suspended deposits and withdrawals.
“All Funds in HTX Are Secure, and the Community Can Rest Assured. We are investigating the specific reasons for the hacker attack. Once we complete the investigation and identify the cause, we will resume services.”
Another blockchain security firm, PeckShield has reported losses from ETH initially and subsequently USDC, Chainlink (LINK), and Shiba Inu (SHIB) sent to other wallets.
#PeckShieldAlert Suspicious huge withdrawal of 10,145 $ETH (~$19m) from #Heco_Bridge. @justinsuntron
Note the tx is initiated by the operator. Looks like a compromised operator?https://t.co/thBVveuL6X pic.twitter.com/th4Ui0FO3A
— PeckShieldAlert (@PeckShieldAlert) November 22, 2023
This development has sparked an uproar among the community on social media spaces with many calling it a trend while others blaming the huge white hat bounties offered to bad actors.
X user Orbitalflux joked about the company’s lack of “anti-virus” while YazanXBT lamented on the recent crisis, “What’s going on? First HTX, then Poloniex, and now the Bridge. You’re being really unfortunate lately.”
A series of unfortunate events
Digital asset exchange, Poloniex acquired by Sun suffered a hack that led to over $100 million worth of assets being drained. The company has opened an investigation into the incident and says it uncovered the hacker’s identity offering an increased white hat bounty of $10 million before it starts full criminal investigations.
Recall that HTX was hacked and drained of 500 ETH approximately $8 million at the time with the company stating that everything was under control and funds were safe. Particularly, Sun, the company’s advisor noted that the company was in a good financial position to cover all losses.
“$8 million represents a relatively small sum in comparison to the $3 billion worth of assets held by our users. It also amounts to just two weeks’ revenue for the HTX platform.”
Read the full article here