Tron founder Justin Sun’s crypto businesses have come under repeated attacks from hackers over the past two months, with at least four hacks on platforms related to the crypto entrepreneur.
Sun’s HTX crypto exchange has been hacked at least twice since the platform rebranded from Huobi on Sept. 13, 2023. The first HTX hack occurred just a few days after the rebranding, with an unknown attacker stealing nearly $8 million in crypto on Sept. 24, 2023.
In its second hack, HTX lost $30 million due to a hot wallet breach which was initially reported to be $13.6 million. Previously known as Huobi, HTX was acquired by Sun in October 2022.
The hackers have also focused on other Sun-related cryptocurrency platforms, including Sun-owned cryptocurrency exchange Poloniex and HTX Eco Chain (HECO) bridge.
Poloniex suffered a significant security breach on Nov. 10 when attackers stole at least $100 million in cryptocurrency from the exchange. Sun, who acquired the business in 2019, reported on X (formerly Twitter) that Poloniex disabled the wallet. According to the blockchain security firm CertiK, the incident was likely a “private key compromise.”
HTX’s HECO Chain bridge, a tool designed for moving digital assets between HTX and other networks like Ethereum, also suffered a massive breach. On Nov. 22, unknown hackers compromised HECO, sending at least $86.6 million to suspicious addresses.
The platforms lost a combined sum of around $208 million in all four hacks over the past two months. Despite Tron founder Sun’s promise to compensate losses for all four incidents, some crypto enthusiasts have urged the community to stay away from Poloniex and HTX, with several questioning who might be involved in the hacks.
One crypto observer argued that Sun is “clearly in big trouble,” noting that Poloniex has been closed for five days and HTX offers 100% interest on cryptocurrencies like Bitcoin (BTC).
Related: KyberSwap DEX exploited for $46 million, TVL tanks 68%
“We can see that all these attacks have the same target: Justin Sun’s projects,” a spokesperson for the crypto security firm Hacken told Cointelegraph. The representative hypothetically assumed that the ongoing hacks could be caused by an “insider who is leaking the information,” adding:
“Most likely, the reasons are private key leakage in all cases […] These projects definitely should improve the procedure for storing sensitive information like private keys, and if there is no need for such amounts of liquidity, keep part of the funds in cold wallets.”
A HTX spokesperson said it will fully compensate users for losses incurred from the latest attack, which should not affect the wider Tron and BitTorrent ecosystems. Poloniex did not immediately respond to Cointelegraph’s request for comment.
The ongoing speculation comes months after the United States Securities and Exchange Commission filed a civil lawsuit against Sun, charging him and his companies like Tron and BitTorrent with fraud and other securities law violations in March 2023.
A U.S. court subsequently issued a summons to Sun’s Singapore address concerning the case in April 2023. In August, the SEC said that its litigation against Sun was ongoing.
Magazine: How to protect your crypto in a volatile market — Bitcoin OGs and experts weigh in
Update (Nov. 24 and 1:20 am UTC): This article has been updated to reflect the latest figure from the Nov. 22 hack and HTX’s response.