Global cryptocurrency exchange Huobi experienced a cyberattack resulting in the theft of 5,000 ETH valued at approximately $7.9 million.
CyversAlerts, a reputable crypto security company, was the first to report the attack.
The blockchain firm revealed that the attack was successful due to a compromise in one of Huobi’s hot wallets. Hot wallets are easily accessible cryptocurrency wallets connected to the internet.
Huobi Global investor Justin Sun also confirmed the attack today, September 25, 2023.
According to reports from CyversAlerts, the global exchange has identified the crypto wallet address used and the identity of the criminals involved. They have contacted the culprits with an interesting proposition.
Huobi sent a transaction to the hacker’s wallet address with a message, per details on Etherscan.
They informed the culprits that they knew their identity and demanded the return of funds within a specific timeframe.
Huobi has offered the cybercriminals a 5% bonus for the stolen funds, approximately $395K. Additionally, the exchange plans to hire the hacker as a security consultant.
Failure to return the stolen funds within the given timeline will result in Huobi involving law enforcement.
Could This Be Another Strike By the Lazarus Group?
Crypto exchanges have been frequent targets of profitable cyber attacks due to their weak security architecture and the large amount of crypto funds they hold.
According to a report by Crystal Blockchain, approximately $16.7 billion in cryptocurrencies has been stolen between January 2011 and February 2023.
There have been several hacks in the crypto landscape attributed to the Lazarus Group, a well-known cyber attack organization associated with North Korea.
On September 11, CertiK, a popular blockchain security platform, announced that the Lazarus Group was responsible for stealing $41 million from Stake online casino.
The firm also reported that the same hacker group swapped and bridged 520,000 MATIC tokens worth over $266,000 to the Avalanche blockchain.
Twelve days after the Stake online casino hack, Huobi appears to be the latest victim.
While there is currently no evidence linking the attack on Huobi to the North Korean cyber attack group, further investigation is needed.