Justin Sun-owned Poloniex exchange Poloniex has suffered a major security breach affecting approximately $126 million in crypto assets after hackers drained its hot wallet.
Sun said Poloniex will reimburse all affected users and is willing to give the hacker a 5% bug bounty to return the stolen funds.
Poloniex Loses $126 Million
Major crypto exchange Poloniex fell victim to a cyberattack on Friday, resulting in the theft of around $126 million worth of digital assets. Hackers were able to compromise one of Poloniex’s hot wallets, which are wallets linked to the internet, to allow for faster access to funds.
The suspicious outflows were first flagged by blockchain security firm Peckshield, pointing to blockchain explorer Etherscan data, which shows transfers from the “Poloniex 4” wallet to four externally owned accounts linked to the hacker.
The perpetrator made off with ETH, TRON, the stablecoins USDT and TUSD, and meme coins, including PEPE, FLOKI, and SHIB, before the breach was detected and Poloniex disabled the wallet.
Additional blockchain data provided by Arkham Intelligence indicates that more than 288 million in Tron’s native token, TRX, and 865 Bitcoins were also stolen, bringing the total to around $126 million.
Interestingly, the Poloniex hacker bought $20 million in TRX and subsequently drove the token’s price up by over 20%. TRX went from changing hands for $0.09 to $0.11 today despite the hack.
Justin Sun’s Response
In the aftermath of the hack, Justin Sun, who acquired Poloniex in 2019, stated that the exchange is conducting an investigation and confirmed it plans to reimburse all users affected by the hack.
“We are currently investigating the Poloniex hack incident. Poloniex maintains a healthy financial position and will fully reimburse the affected funds,” Sun posited.
Moreover, Sun offered a 5% white-hat bounty to the Poloniex thieves. The term “white hat” refers to ethical hackers who identify and reveal vulnerabilities to firms to help them enhance security. Poloniex hopes to incentivize the hackers to give back loot by offering a bug bounty.
However, the eccentric Chinese-born entrepreneur said that they would give the attacker seven days to return the funds before they begin engaging with law enforcement.
