IoTeX hit by private key exploit draining around $2 million from bridge contracts, per co-founder
IoTeX suffered a private key exploit on its cross-chain bridge, resulting in losses estimated by the co-founder at around $2 million.Summary
The cross-chain bridge infrastructure of crypto-AI project IoTeX was compromised on Saturday due to a private key exploit, allowing an attacker unauthorized access to TokenSafe and MinterPool smart contracts. Initial reports from analysts like Specter indicated losses as high as $8.8 million, involving the draining of assets like USDC, USDT, and IOTX, and the minting of approximately 111 million CIOTX tokens. IoTeX co-founder and CEO Raullen Chai later stated that the actual loss would be significantly lower, estimating it around $2 million, and confirmed that centralized exchanges were cooperating to freeze the hacker's addresses. The IoTeX chain was temporarily taken down for assessment and containment, with Chai assuring users that funds on the main chain were safe and that deprecated tokens minted by the attacker held little value. The incident follows a pattern of private key compromises in bridge security and analysts have flagged potential links between the attacker's wallet and a major 2025 hack of the stablecoin neobank Infini.
(Source:The Block)