Huobi, one of the most renowned names in the crypto exchange world, recently faced a significant security breach within its iToken platform, previously known as the Huobi Wallet.
This breach led to the leakage of customers’ private keys, causing ripples of concern throughout the crypto community.
The Breach Unveiled
Exclusive: Due to a Trojan virus set up by a former Huobi employee, some user mnemonics or private keys of iToken (formerly Huobi Wallet) have been leaked. The employee has been investigated by the police.— Wu Blockchain (@WuBlockchain) September 16, 2023
In a detailed report by Colin Wu, a prominent Chinese reporter, it was revealed that the security breach in the iToken platform resulted in the exposure of customers’ private keys.
These keys are crucial as they grant access to users’ crypto assets. The breach’s gravity was further magnified when it was discovered that the orchestrator behind this malicious act was none other than a former employee of Huobi.
The ex-employee, leveraging his insider knowledge, planted a Trojan virus within the iToken system. This virus was responsible for compromising certain user mnemonics and private keys, essentially leaving the assets of affected users vulnerable to unauthorized access.
Upon discovering the breach, law enforcement authorities were quick to launch an investigation targeting the former Huobi employee responsible for the attack.
The swift response from the authorities showcases the seriousness with which such security breaches, especially in the crypto domain, are treated.
Protective Measures in Place
In the wake of the breach, iToken’s security system detected security risks associated with some wallet addresses. This detection prompted immediate action to safeguard users’ assets.
The security agency overseeing the situation took proactive measures by collaborating with Refundyourcoins, an asset protection service.
This collaboration ensured that the compromised funds from the affected addresses were transferred to a secure wallet, thereby mitigating potential losses for the affected users.
Furthermore, Refundyourcoins announced its plans to introduce a retrieval function. This function aims to facilitate the recovery of assets for affected individuals across four major blockchain networks, namely Bitcoin (BTC), Ethereum (ETH), TRON (TRX), and XRP Ledger (XRP).
A Glimpse into the Past
This isn’t the first time Huobi has been associated with underhanded tactics. Earlier in the year, Coin Edition reported an incident involving an affiliate of Huobi.
Li Wei, a member of Huobi Global DAO, was accused of acquiring a substantial quantity of HT tokens without incurring any costs through unconventional means.
The security breach at Huobi’s iToken platform underscores the vulnerabilities that even established crypto platforms can face.
While the quick response and protective measures taken by Huobi are commendable, the incident serves as a stark reminder for crypto platforms worldwide to bolster their security measures and remain vigilant against potential threats.
See you in the next important news!