The $100M Heist: What Happened at HECO Bridge and HTX?
Cyberattack Targets Justin Sun-Linked Entities, Draining Over $100 Million in Crypto Assets
Two significant digital asset platforms, the HECO (Huobi ECO) Bridge and crypto exchange HTX, associated with Justin Sun, have suffered a massive security breach. The orchestrated cyberattack resulted in the loss of over $100 million across various cryptocurrencies.
Behind the Breach
The HECO Bridge funds were drained via a compromised operator account. This account began withdrawing funds from the bridge to the attacker’s address. The majority of these funds were then forwarded to an accumulation wallet, suggesting a planned and coordinated attack.
The assets stolen included a mix of cryptocurrencies: 42 million USDT, over 10,000 ETH, 489 HBTC, 347 million SHIB, 173,000 UNI, 619,000 USDC, 42,000 LINK, and 347,000 TUSD.
HTX Wallet hack resulted from three compromised hot wallets that were most likely compromised through a phishing attack. The losses included 1,240 ETH, 7.3 million USDT, 1.78 million USDC, and 62,200 LINK.
While no specific group has been officially identified, parallels have been drawn between the style of these attacks and those typically carried out by the notorious DPRK’s Lazarus Group. However, without concrete evidence, the identity of the hackers remains a matter of speculation.
Justin Sun immediately acknowledged the attacks, promising full compensation for HTX’s hot wallet losses. Both platforms temporarily suspended deposits and withdrawals, assuring users of the safety of the remaining funds and initiating a thorough investigation into the incident.
Projects linked to Justin Sun have recently become Web3's most targeted projects, like the Poloniex hack which was exploited for $126M earlier this month. Could the Lazarus Group be potentially after Justin Sun? Will he be targeted again?
You build the future. We help you secure it.