In a surprising turn of events, the hacker responsible for a recent attack on Huobi’s global exchange, HTX, has returned all stolen funds to the platform. The incident, which occurred in late September, saw the hacker make off with approximately $7.9 million worth of Ethereum (ETH) from the exchange’s hot wallet.
HTX CEO Justin Sun had swiftly identified the attacker and initiated a negotiation process, offering a 5% white hat bounty in exchange for the return of the stolen assets and a commitment to not pursue legal action. Now, the hacker has fulfilled their promise, resulting in a resolution that has left the cryptocurrency community both intrigued and puzzled.
Hours after the initial attack, HTX CEO Justin Sun took to social media to announce that the exchange had successfully covered the losses incurred from the breach. Sun stated, “HTX has fully covered the losses incurred from the attack and has successfully resolved all related issues. All user assets are #SAFU, and the platform is operating completely normally.” He further emphasized that the $8 million loss represented a relatively small fraction compared to the $3 billion worth of assets held by HTX users, amounting to just two weeks’ revenue for the platform.
However, despite the swift recovery of the stolen funds, the pursuit of the attacker continued. At the time of the hack, Sun had given the hacker a one-week window to return the funds. While the deadline was missed by nearly a week, it appears that negotiations were ongoing during this period, possibly involving the attacker seeking assurances that they would not face legal consequences.
The unusual resolution raises questions
The unexpected conclusion to this story came when it was confirmed that the entire amount stolen had been returned by the hacker. Security researcher ZachXBT and HTX CEO Justin Sun both verified the transaction, signaling the hacker’s commitment to fulfilling their end of the bargain.
In a statement, HTX announced,
“We have confirmed that the hacker has fully returned all funds, as promised, and we have also paid the hacker a white hat bonus of 250 ETH. The hacker made the right choice. We would like to express our gratitude to everyone in the industry for their help!”
This development deviates from the usual pattern seen in such cases, where the attacker typically keeps the promised bounty and returns only the remainder of the stolen assets. The reasons for this uncommon resolution remain somewhat unclear, but it is possible that the decision to return the entire amount was made to eliminate any potential legal liabilities, with the hacker now able to demonstrate their lack of control over any stolen funds.