CyberSecurityBoard
Sponsor Register Login

HTX exchange loses $13.6M in hot wallet hack: Report

HTX, formerly Huobi Global, suffered an estimated loss of $13.6 million as part of a $86.6 million exploit against the HECO Chain bridge on Nov. 22. According to a report from blockchain security firm Cyvers, the losses stem from three compromised hot wallets, with users and exchange assets swapped for Ether. Distributed to various Ethereum addresses thereafter. Among other coins and tokens, Cyvers said that 1,240 ETH, 7.3 million USDT , 1.78 million USD Coin , and 62,200 LIN were drained during the attack. Justin Sun, de-facto owner of HTX and founder of Tron and BitTorrent - both related entities - stated shortly after the exploit, "HTX Will Fully Compensate for HTX's hot wallet Losses. Deposits and Withdrawals Temporarily Suspended. All Funds in HTX Are Secure, and the Community Can Rest Assured." We are investigating the specific reasons for the hacker. Earlier in the day, the HECO Chain bridge, a cross-chain bridge created via the merging of the Tron and BitTorrent ecosystem in 2020, was drained of $86.6 million due to an allegedly compromised blockchain operator. In September, HTX was hacked for $8 million in another hot wallet exploit. At the time, Sun also claimed that "All user assets are SAFU and the platform is operating completely normally." The hack took place less than one month after its rebranding from Huobi Global to HTX, as announced during Token2049 in Singapore. Data from Nansen shows that wallets identified as belonging to HTX hold a combined $2.08 billion in user and corporate assets. Within the past 24 hours, the exchange had $1.3 billion in spot trading volume. A weekly pulse of the business behind blockchain and crypto.

This Cyber News was published on cointelegraph.com. Publication date: Thu, 30 Nov 2023 23:19:27 +0000


Cyber News related to HTX exchange loses $13.6M in hot wallet hack: Report

HTX exchange loses $13.6M in hot wallet hack: Report - HTX, formerly Huobi Global, suffered an estimated loss of $13.6 million as part of a $86.6 million exploit against the HECO Chain bridge on Nov. 22. According to a report from blockchain security firm Cyvers, the losses stem from three compromised ...
11 months ago Cointelegraph.com
The ticking time bomb of Microsoft Exchange Server 2013 - This is, of course, a common issue since 2021 or so, due to Exchange Server security woes- however there has been an abnormally high increase in the past few months, making me think there was some kind of Exchange Server zero day perhaps. In my own ...
10 months ago Doublepulsar.com
North Korean Hackers' $12M Ethereum Laundering Via Tornado Cash Unveiled - It has been reported that North Korean hackers associated with the Lazarus Group have exploited Tornado Cash in a recent development to launder approximately $12 million worth of stolen Ethereum in the last 24 hours, using the coin mix-up service ...
8 months ago Cysecurity.news
Justin Sun offers 5% deal to $120M Poloniex crypto-robbers The Register - The founder of the Poloniex has offered to pay off thieves who drained an estimated $120 million of user funds from the cryptocurrency exchange in a raid on Friday. Justin Sun, who also founded the Tron Foundation currency system, offered a so-called ...
11 months ago Theregister.com
Nest Wallet CEO Loses $125,000 in Wallet Draining Scam - The co-founder and CEO of a startup cryptocurrency wallet said he lost $125,000 in crypto in a scam, becoming among the latest victims of the growing threat of wallet drainer malware that one cybersecurity firm stole almost $300 million from more ...
10 months ago Securityboulevard.com
Navigating the Perilous Waters of Crypto Phishing Attacks - Key Highlights: Check Point Research Unveils Rise in Sophisticated Crypto Phishing: An investigation reveals an alarming increase in advanced phishing schemes targeting a variety of blockchain networks, employing wallet-draining techniques. ...
10 months ago Blog.checkpoint.com
Crypto wallet-draining attacks necessitate security rethink The Register - Infosec researchers are noting rising cryptocurrency attacks and have encouraged wallet security providers to up their collective game. Introduced in 2019, CREATE2 is seen as a significant advancement for Ethereum, allowing for more efficient ...
8 months ago Go.theregister.com
Customer compliance and security during the post-quantum cryptographic migration | AWS Security Blog - For example, using the s2n-tls client built with AWS-LC (which supports the quantum-resistant KEMs), you could try connecting to a Secrets Manager endpoint by using a post-quantum TLS policy (for example, PQ-TLS-1-2-2023-12-15) and observe the PQ ...
1 month ago Aws.amazon.com
Hackers Stolen Over $58 Million Crypto Via Malicious Google Ads - Threat actors targeting crypto wallets for illicit transactions have been in practice for quite some time. Threat actors have been using Wallet Drainers for such cybercrime activities, which have seen great success in recent years. Several techniques ...
10 months ago Gbhackers.com
Microsoft Exchange Server Flaw Exploited as a Zero-Day Bug - Microsoft has identified one of the critical vulnerabilities in Exchange Server that the company disclosed in February's Patch Tuesday update as actually being a zero-day threat that attackers are already actively exploiting. CVE-2024-21410 is an ...
9 months ago Darkreading.com
Microsoft Exchange 2019 has reached end of mainstream support - Microsoft announced the end of mainstream support for its Exchange Server 2019 on-premises mail server software on January 9, 2023. Starting today, the company says it will no longer accept requests for bug fixes and Design Change Requests, but it ...
10 months ago Bleepingcomputer.com
Congressman Coming for Answers After No-Fly List Hack - U.S. Congressman Bennie Thompson is demanding answers from airlines and the federal government after a "massive hack" of the no-fly list. The congressman sent a letter to the airlines and the Department of Homeland Security asking for an explanation ...
1 year ago Therecord.media
Hack The Box Launches 5th Annual University CTF Competition - PRESS RELEASE. Hack The Box, the leading gamified cybersecurity upskilling, certification, and talent assessment platform, is announcing its fifth annual global University Capture The Flag competition that will take place from December 8 to 10, 2023. ...
11 months ago Darkreading.com
Android/SpyNote Moves to Crypto Currencies - Affected Platform: AndroidImpacted Users: Android users with mobile crypto wallet or banking applicationsImpact: Financial LossSeverity Level: Medium. It has grown into one of the most common families of malware for Android, with multiple samples, ...
9 months ago Feeds.fortinet.com
Lazarus Group hackers appear to return to Tornado Cash for money laundering - North Korea's Lazarus hacking group allegedly has turned back to an old service in order to launder $23 million stolen during an attack in November. Investigators at blockchain research company Elliptic said on Friday that in the last day they had ...
8 months ago Therecord.media
Researchers crack 11-year-old password, recover $3 million in bitcoin - Michael, who is based in Europe and asked to remain anonymous, stored the cryptocurrency in a password-protected digital wallet. He generated a password using the RoboForm password manager and stored that password in a file encrypted with a tool ...
5 months ago Packetstormsecurity.com
Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks - Tens of thousands of Microsoft Exchange email servers in Europe, the U.S., and Asia exposed on the public internet are vulnerable to remote code execution flaws. The mail systems run a software version that is currently unsupported and no longer ...
11 months ago Bleepingcomputer.com
Leader of Killnet 'unmasked' by Russian state media The Register - Infosec in Brief Cybercriminals working out of Russia go to great lengths to conceal their real identities, and you won't ever find the state trying to unmask them either - as long as they keep supplying the attacks on Axis nations. It's the reason ...
11 months ago Theregister.com
Ledger dApp supply chain attack steals $600K from crypto wallets - Ledger is warnings users not to use web3 dApps after a supply chain attack on the 'Ledger dApp Connect Kit' library was found pushing a JavaScript wallet drainer that stole $600,000 in crypto and NFTs. Ledger is a hardware wallet that lets users buy, ...
11 months ago Bleepingcomputer.com
Orbit Chain loses $86 million in the last fintech hack of 2023 - Orbit Chain has experienced a security breach that has resulted in a loss of $86 million in cryptocurrency, particularly Ether, Dai, Tether, and USD Coin. Orbit Chain is a blockchain platform designed to function as a multi-asset hub, supporting ...
10 months ago Bleepingcomputer.com
What's new in the MSRC Report Abuse Portal and API - The Microsoft Security Response Center has always been at the forefront of addressing cyber threats, privacy issues, and abuse arising from Microsoft Online Services. Building on our commitment, we have introduced several key updates to the Report ...
4 months ago Msrc.microsoft.com
Microsoft Exchange Servers Vulnerable to Cyberattacks - Microsoft Exchange Servers are becoming increasingly vulnerable to cyberattacks due to unpatched security vulnerabilities. Microsoft has recently released several critical patches for Exchange Servers, but it is still not enough to prevent possible ...
1 year ago Hackread.com
LastPass breach linked to theft of $4.4 million in crypto - Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents. The news comes ...
11 months ago Bleepingcomputer.com
Ledger Supply Chain Breach: $600,000 Theft Unveiled - Recent events have brought to light the Ledger supply chain breach, a cybercrime incident that led to the theft of $600,000 in virtual assets. For those who don't know, Ledger is a company that develops hardware and software-based cryptocurrency ...
10 months ago Securityboulevard.com
Accepting Ethereum for Businesses, An Overview - For a business looking to stay ahead of the curve, opting to accept Ethereum payments could be the key to unlocking a new world of opportunities. Accepting Ethereum payments offers businesses global market reach, cost-effectiveness, privacy and ...
9 months ago Hackread.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)