Poloniex investor Justin Sun has confirmed a security breach that resulted in the unauthorized access to the exchange’s hot wallets, leading to an estimated loss of approximately $114 million. Blockchain security firms PeckShield and Cyvers flagged the suspected hack around 10:55 UTC, prompting Poloniex to disable its wallet for maintenance just 12 minutes later. The hack was subsequently acknowledged by Justin Sun in a tweet, where he assured affected users of reimbursement and announced a “white hat bounty” to the hacker.
The breach targeted various wallets across multiple blockchains, as evidenced by on-chain data. An Ethereum wallet, now identified as the “Poloniex hacker,” initiated 357 transactions, moving a total of $114 million worth of tokens from Poloniex. Additionally, a wallet on the Tron blockchain transferred approximately $42 million to various destinations.
This incident adds to the growing list of cryptocurrency exchange hacks, with recent examples including HTX losing $8 million in ether, Gdac facing a $13 million loss in April, and Deribit experiencing a $28 million hot-wallet hack in November of the previous year.
On-chain data also reveals that the Poloniex hacker invested $20 million in Tron (TRX), causing a more than 25% increase in the token’s price. Justin Sun stated in a tweet that Poloniex is actively investigating the incident and is committed to fully reimbursing affected funds. Furthermore, the exchange is exploring collaboration opportunities with other platforms to facilitate fund recovery.
In an unusual move, Poloniex is offering a 5% white hat bounty to the hacker, with a seven-day deadline before involving law enforcement. Justin Sun’s announcement emphasized Poloniex’s robust financial position and its dedication to resolving the aftermath of the security breach.