Investors are becoming targets for criminals in every field, and the latest incident highlights the risk. It is estimated that 40,000 wallets have been compromised. Former employees received sentences following the incident uncovered by Chinese police. So, what are the details of the incident? Which exchange’s former employees were involved in this crime?
Employees Hacked Customers
Chinese police identified that four former Huobi employees had installed Trojans in wallets. The criminals responsible for compromising over 40,000 private keys received three-year prison sentences. Although the exact amount of stolen cryptocurrencies was not disclosed, the figure of 40,000 is quite alarming.
In early March 2023, the former employees added a backdoor to the wallet software and later destroyed the server and database. The attackers aimed to use 27,000 recovery phrases and 10,000 private keys to transfer assets to their own wallets after some time had passed. In April 2024, the Xuhui District People’s Court sentenced the defendants Liu, Zhang, and Dong to three years in prison and fined them 30,000 RMB.
In 2023, Wu Shuo announced that some user keys had been stolen from the former Huobi wallet. This incident, believed to have occurred before the sale of HTX, was investigated by the Shanghai Public Security Bureau. Although the buyer was initially kept secret, it was later confirmed that the suspicions were correct and the company was sold to Justin Sun. The Huobi exchange was once the largest cryptocurrency exchange in China.
Cryptocurrencies and Security
Investors can always face such issues with non-open-source wallet applications. Therefore, open-source wallet applications built by reliable developers are much safer than centralized applications. This incident, in which investors thought they were moving their assets to secure wallets, serves as an example that can be discussed for years.
This is neither the first nor the last exploitation incident at an exchange. We saw how significant frauds could occur on inadequately regulated platforms in Turkey with Thodex and in the USA with FTX. SBF openly admitted to selling synthetic cryptocurrencies that did not exist to customers. In the Thodex case, the founder of the exchange took the cold wallet and fled abroad, later claiming they had been hacked.