TL;DR#
On September 24, 2023, the hot wallet of Huobi Global's HTX exchange was hacked, which resulted in a loss of 4,999 ETH worth approximately $8 million.
Introduction to Huobi#
Huobi Global is a centralized international digital asset exchange.
Vulnerability Assessment#
The root cause of the exploit is likely due to the compromise of the private keys.
Steps#
Step 1:
We attempt to analyze the attack transaction executed by the exploiter.
Step 2:
This unexpected and direct transfer of funds can possibly be due to the compromise of the private keys. However, the actual reasons for this compromise are still unknown.
Step 3:
Following the exploit, the hacker also transferred 1001 ETH, totaling approximately $1,592,442 at the time of this writing, to yet another address.
Step 4:
This hacker-controlled address currently holds 3,998.0016 ETH worth approximately $6,363,419, while the other one has 1,001.0013 ETH worth approximately $1,593,254.
Aftermath#
Two days after the exploit and following a community alert, Justin Sun acknowledged that HTX was exploited, and that the team has fully covered the losses incurred from the attack by successfully resolving all related issues. He further asserted that all user assets were safe and that the platform was operating completely normally.
The team revealed in an on-chain message that they have identified the hacker but are still willing to offer a 5% white hat bounty reward valid for 7 days, until October 2, 2023, in the hopes of recovering the stolen assets. If the funds were not returned prior to this deadline, they would involve law enforcement agencies for further investigation in this case. The hacker was also presented with another offer to work as a security white-hat advisor for HTX.
Solution#
In the wake of the recent exploit of Huobi Global's HTX exchange, where a significant amount of ETH was lost, reinforcing security mechanisms and having protective covers like those offered by Neptune Mutual become essential.
Recognizing the speculated cause of the compromise in this case as the likely loss of private keys, Neptune Mutual emphasizes the paramount importance of implementing security strategies that include offline storage of private keys, like hardware wallets, and cold storage solutions. These practices are integral in securing assets and limiting the access hackers have to sensitive information, thereby reducing the likelihood of unauthorized fund transfers.
However, even with rigorous security measures, the risk of exploitation can never be completely nullified. This inevitable uncertainty underscores the crucial role of having robust cover policies like the ones we provide at Neptune Mutual. By establishing a dedicated cover pool in our marketplace, the aftermath and the impact of the attack would have been significantly alleviated. Our coverage provides assurance to users by mitigating losses of funds or digital assets due to smart contract vulnerabilities, thanks to our specialized parametric based cover policies.
Our marketplace operates on various renowned blockchain networks including Ethereum, Arbitrum, and the BNB chain, aiming to extend our protective cover to a wide range of DeFi users. Our presence in the ecosystem not only provides a safety net to users but also fortifies their trust in the DeFi ecosystem, especially in the aftermath of substantial security breaches like the one experienced by Huobi Global's HTX exchange.
Moreover, the security team at Neptune Mutual would meticulously assess platforms like HTX for a variety of security aspects, including DNS and web-based security, frontend and backend security, and intrusion detection and prevention systems, to name a few. These comprehensive assessments are pivotal in identifying potential vulnerabilities and improving the overall security of platforms, thus fortifying them against future security incidents and unauthorized exploits.
Reference Source Cyvers
