Poloniex and HTX, two crypto exchanges backed by Justin Sun, suffered separate exploits worth at least $238 million in the past two weeks. Sun has promised to distribute free tokens to the affected users, but the details are unclear.
Justin Sun, the founder of Tron and the CEO of Poloniex and HTX, has announced an “epic airdrop” for the users of the two exchanges that were recently hacked. Sun claims that he will cover the losses and that all assets are safe, but some users are skeptical and frustrated.
Poloniex hack: $125 million stolen
On November 10, Poloniex, a crypto exchange acquired by Sun in 2019, was exploited by a hacker who managed to steal about $125 million worth of various cryptocurrencies, including Bitcoin, Ethereum, Tron, and USDT.
The hacker exploited a vulnerability in the exchange’s withdrawal system, which allowed them to bypass the security checks and withdraw more funds than they had in their account.
Sun quickly responded to the incident on X, formerly Twitter, and assured the users that Poloniex “will fully reimburse the affected funds.” He also offered the hacker a 5% white hat bounty, giving them seven days to return the stolen funds before engaging law enforcement.
Sun also claimed that Poloniex had already confirmed the hacker’s identity and that the police forces of China, the USA, and Russia had been involved.
However, Poloniex has not provided any evidence or details to support Sun’s claims and has frozen customer deposits and withdrawals since the hack.
The exchange said that it hired a “top-tier security auditing firm” to secure its infrastructure but did not reveal the name of the firm.
Poloniex set November 30 as the deadline to reactivate both deposits and withdrawals, but some users are losing patience and trust.
HTX and Heco Bridge hack: $113 million drained
On November 22, another exchange backed by Sun, HTX, formerly known as Huobi, and an affiliated piece of cross-chain infrastructure, Heco Bridge, suffered simultaneous exploits that resulted in a loss of about $113 million in assets.
HTX is a crypto exchange that operates on the Huobi Eco Chain (HECO), a public blockchain launched by Huobi in 2020.
Heco Bridge is a decentralized application that allows users to transfer assets between HECO and other blockchains, such as Ethereum and Binance Smart Chain.
According to Certik, a blockchain security company, the hacker exploited a flaw in the Heco Bridge smart contract, which allowed them to mint unlimited amounts of wrapped tokens, such as WETH, WBTC, and WHUSD.
The hacker then used these tokens to swap for other assets on HTX and other platforms, such as Mdex and LavaSwap. Certik estimated that the hacker drained about $87 million from Heco Bridge and $26 million from HTX, bringing the total losses to $113 million.
HTX, however, said that only $30 million had been compromised from its wallets.
Sun also reacted to this incident on X and apologized to the users. He said that all customer funds remained secure and that HTX would reopen deposits and withdrawals soon.
He also offered a job to the hacker, saying that he admired their skills and that he wanted to hire them as chief security officer for HTX.
Sun’s airdrop plan: A generous gesture or a PR stunt?
Sun’s epic drop announcement did not specify the amount or the type of tokens that would be distributed nor the date of the airdrop.
While airdrops are commonplace in decentralized finance (DeFi), they are virtually unheard of for centralized exchanges like Poloniex and HTX.
Some users welcomed Sun’s airdrop plan, hoping that it would make up for their losses and restore their confidence in the exchanges. However, others were skeptical and frustrated by Sun’s lack of transparency and accountability and his exchanges.
They questioned the value and legitimacy of the tokens that would be airdropped and demanded more information and clarity from the exchanges. They also expressed dissatisfaction with the delays and uncertainties in reopening deposits and withdrawals.
Sun’s airdrop plan has sparked controversy and debate in the crypto community, as some see it as a generous gesture and others as a PR stunt.
Sun is known for his flamboyant and controversial marketing strategies, such as his failed lunch with Warren Buffett, acquisition of BitTorrent, and promotion of Tron and its tokens. Sun has also been accused of plagiarism, censorship, and centralization by his critics.
