In just the past few days, several high-profile platforms have fallen victim to significant criminal exploits. Kyber Network's KyberSwap suffered a $47 million loss. It is suspected to be due to rounding and flash loan issues, with the attacker targeting liquidity pool reserves. On Wednesday, HTX, formerly known as Huobi Global, suffered losses totaling approximately $13.6 million in a larger exploit that targeted the HECO Chain bridge, which itself suffered an overall loss of $86+ million. Skepticism surrounds these incidents, with some suggesting they might be exit scams. Additionally, Poloniex, another exchange owned by Sun, faced a $114 million hack earlier this month, but it's working on restoring its operations.
KyberSwap Exploited for Millions
The Kyber Network had to face the darker side of the cryptocurrency industry early yesterday morning after it suffered an exploit with at least $47 million in losses recorded. It is suspected that the attack was aimed at all 15 chains associated with the network’s flagship product, KyberSwap. Some industry sleuths have determined that the Kyber exploits appear to involve flash loans and a potential problem related to rounding.
Other investigators suggested that the real problem lies in an approval issue related to the Kyber aggregator, and it is likely that the hacker was solely depleting the Kyber liquidity pool reserves. This should indicate that individuals involved in trading or swapping on the platform should not face any risks as the malicious actor seems to be exclusively targeting the funds staked within the liquidity pools. However, as a precautionary measure, Kyber liquidity providers strongly advised users to withdraw their staked assets from the platform as soon as possible.
Surprisingly, the hacker decided against leaving quietly. The criminal ended up returning with a message saying that “negotiations will start in a few hours when I am fully rested.”
Justin Sun’s HTX Exchange And HECO Suffer Massive Exploit
On Wednesday, HTX, previously known as Huobi Global, experienced a huge financial setback, with an estimated loss of $13.6 million in a larger exploit that targeted the HECO Chain bridge. According to the blockchain security firm Cyvers, the losses primarily resulted from the compromise of three hot wallets, leading to the unauthorized conversion of user and exchange assets into Ether (ETH). These converted assets were then dispersed to various Ethereum addresses. Among other coins and tokens, Cyvers stated that 1,240 ETH, 7.3 million USDT, 1.78 million USD Coin (USDC), and LINK were drained during the attack.
Justin Sun, the owner of HTX and the co-founder of Tron and BitTorrent shared in an X post shortly after the exploit that “HTX will fully compensate for HTX’s hot wallet losses.” Sun also shared with the community that deposits and withdrawals would be temporarily suspended.
Earlier in the day, the HECO Chain bridge, which was established by combining the Tron and BitTorrent ecosystems back in 2020, experienced a massive loss of $86.6 million. This loss was attributed to an allegedly compromised blockchain operator. Additionally, earlier this year in September, HTX was hacked for about $8 million in another hot wallet exploit.
Crypto Twitter Skepticism
Many people in the crypto Twitter (now X) community are not convinced at all that the hacks are indeed hacks. In fact, there are people openly stating that the HTX hack was an exit scam perpetrated by none other than Justin Sun himself.
X user WhaleWire took to the social media platform to share his own thoughts about the exploits, and also pointed out the fact that he believes the HTX “hack” is an exit scam. He proceeded to draw parallels with FTX and Mt. Gox wherein a hack led to the loss of a significant amount of assets just days before the exchanges' eventual collapse. However, it is important to note that these claims can not be taken as fact given the complete absence of evidence.
This latest HECO Chain hack is already the second exploit of a project related to Justin Sun within this month. On Nov. 10, Poloniex, an exchange that was acquired by Sun in 2018, suffered a $100+ million exploit.
Poloniex Hot Wallets Hacked
Earlier this month, hackers drained the hot wallets of the cryptocurrency exchange Poloniex , resulting in approximate losses of $114 million. The blockchain security companies PeckShield and Cyvers started raising red flags as they were getting suspicious of a possible breach in security. Just 12 minutes later, Poloniex announced that the exchange’s wallet was disabled for “maintenance”.
Various wallets spanning various blockchains were targeted. An Ethereum wallet, now identified as the "Poloniex hacker," conducted 357 transactions, transferring a total of $114 million worth of tokens from Poloniex. Additionally, a wallet on the Tron blockchain dispatched about $42 million to different wallets. On-chain data also indicated that the hacker bought $20 million worth of Tron (TRX) tokens, which pushed up the coin’s price by 25%.
After the hack, the blockchain analytics company Nansen revealed that there were just 175 tokens left in Poloniex’s wallet, worth about $10,000. Poloniex is one of the longest running cryptocurrency exchanges. After being founded in 2013, it was acquired by Circle in 2018 and later spun off to a number of investors, including Justin Sun in 2019.
Despite the hard knocks dealt to the exchange, it is still running. Just days after the exploit, it was announced that restoration efforts to the platform have been mostly completed, and the platform is operating smoothly. However, the evaluation process is still ongoing, and is predicted to take several more days.