Home Web3 SecurityCrypto Hacks & Exploits HECO Bridge Exploited for Over $87M in a Suspected Private Key Leak

HECO Bridge Exploited for Over $87M in a Suspected Private Key Leak

by ImmuneBytes
Major Security Breach in HECO Bridge and HTX

On Nov 22, 2023, the HECO Bridge was exploited for ~$87 million due to a suspected private key compromise.

Additionally, ~ $12 million was also stolen from HTX’s hot wallets.

To avoid further losses, the HTX team moved funds from some of their hot wallets to a Huobi Recovery address, 0x18709e89bd403f470088abdacebe86cc60dda12e.

This secondary attack brought the estimated loss to over $99 million.

Hack Txn: https://etherscan.io/tx/0xbb6fe88427c2f3bc179075109d47a805dcfedab0e475eaca0d979311873e131b

Exploiter Address: 0xfc146d1caf6ba1d1ce6dcb5b35dcbf895f50b0c4

Stolen Funds Parking Add: 0xe47e6dA16Bb83EB0FD26b3F29b15CE8Fab089B9e ($63 million)

Details of the Attack

The attacker targeted the HECO Bridge, stealing a substantial amount of cryptocurrencies.

The total value of the stolen assets amounts to approximately $86.6 million, encompassing diverse cryptocurrencies:

  • 346,994 TUSD
  • 42,399 LINK
  • 619,000 USDC
  • 173,200 UNI
  • 346.9M SHIB
  • 489 HBTC
  • 42M USDT
  • 10,145 ETH

The attack was executed by transferring these assets to various externally owned accounts (EOAs) before swapping them for Ethereum.

Stolen Funds Details

The stolen funds are currently held at the following addresses:

  • 0x153D99836E197f92a8385bA80AfBB57b69de2cC1
  • 0x493BB5E2a551aE8FA22EfF0F964820712Ed77Dcb
  • 0x640e567A5041c7108033dADB0b47A3F7aEdD661b
  • 0x945647F6225a44E35a0Ea50F9FE2b4321794aA29
  • 0xe47e6dA16Bb83EB0FD26b3F29b15CE8Fab089B9e
  • 0x6A40dfe3008Bc3f99907e6DFf4d041F933493411
  • 0x7aBd8ddA6CcA1785Af2f812b171B98D6924ff5D2

The initial analysis points towards a compromised operator as the potential cause, especially considering the suspicious withdrawal of 10,145 ETH (valued at around 💰$19 million) initiated by an operator.

Previous Hacks of HTX Exchange

This is not the first time this year when HTX was exploited by malicious hackers. In Sep 2023, HTX lost $8M worth of ethers.

In the attack, one of HTX’s hot wallets was hacked. The said wallet had been receiving massive (around $500 million) in deposits from Binance since it was created in March 2023.

Must Read: How to Prevent and Manage Private Key Compromise

You may also like