HTX hacker returns funds, Justin Sun confirms 250 ETH 'whitehat bonus'

Quick Take

  • The hacker behind the near 5,000 ETH exploit on crypto exchange HTX (formerly Huobi) last month has returned the stolen funds.
  • HTX advisor Justin Sun confirmed the recovery, adding that it had paid the hacker a “whitehat bonus” of 250 ETH ($400,000).

The hacker behind the exploit on crypto exchange HT -1.10% X (formerly Huobi) on Sept. 24 returned the approximate 5,000 ETH stolen on Saturday, according to on-chain data.

The funds were returned in two transactions of around 4,000 ETH and 1,000 ETH, respectively.

HTX advisor and Tron founder Justin Sun confirmed the recovery on X (formerly Twitter), adding that it had paid the hacker a “whitehat bonus” of 250 ETH ($400,000). “We have confirmed that the hacker has fully returned all funds, as promised, and we have also paid the hacker a whitehat bonus of 250 ETH,” Sun wrote. “The hacker made the right choice. We would like to express our gratitude to everyone in the industry for their help!”

In an on-chain message sent while returning the funds, the hacker wrote: “Received your message. White hat bonus to 0x1Fc8674A51D6b97C968BE384337519CE7003152B. Your system hot wallet private key leak, you should change system hot wallet address and reduce the system hot wallet rate.”

Responding to the hacker when sending the bonus, HTX wrote: “You have made the right choice. We have already paid the whitehat bonus to 0x1Fc8674A51D6b97C968BE384337519CE7003152B. Please submit a security vulnerability analysis report to the email [email protected] so that we can avoid similar incidents in the future. Your privacy will be protected.”


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

HTX hack

Following the hack last month, Sun confirmed HTX lost around 5,000 ETH ($8 million). "HTX has suffered a loss of 5,000 ether ... due to a hacker attack," Sun posted on X at the time. "HTX has fully covered the losses incurred from the attack and has successfully resolved all related issues."

Sun noted that the stolen amount was relatively small compared to the $3 billion in assets held by its users and equated to about two weeks of HTX’s revenue. Yet, he highlighted that HTX was prepared to offer 5% ($400,000) of the stolen amount as a reward for returning the funds.

Sun further added that the failure to return the funds within a seven-day window would have prompted the firm to approach law enforcement.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

James Hunt is a reporter at The Block, based in the UK. As the writer behind The Daily newsletter, James also keeps you up to speed on the latest crypto news every weekday. Prior to joining The Block in 2022, James spent four years as a freelance writer in the industry, contributing to both publications and crypto project content. James’ coverage spans everything from Bitcoin and Ethereum to Layer 2 scaling solutions, avant-garde DeFi protocols, evolving DAO governance structures, trending NFTs and memecoins, regulatory landscapes, crypto company deals and the immersive metaverse. You can get in touch with James on Twitter or Telegram via @humanjets or email him at [email protected].


To contact the editor of this story:
Vishal Chawla at
[email protected]