The IoTeX blockchain platform suffered a significant security breach on February 21, resulting in total losses estimated at nearly $9 million. Hackers stole approximately $4.3 million in crypto assets, including USDC, USDT, and IOTX, by compromising key bridge contracts. The attacker further minted an additional $8.5 million in CIOTX and CCS tokens. IoTeX has confirmed the incident and is collaborating with exchanges to trace the stolen funds, while the IOTX token price fell over 7%.
The IoTeX platform has confirmed a major breach that drained millions from its cross-chain bridge. The attack occurred on Saturday, February 21, between 7:00 and 9:00 AM UTC, when the attacker gained control of IoTeX’s TokenSafe and MinterPool contracts.
According to on-chain analyst Specter, about $4.3 million worth of tokens were initially drained. The stolen assets included USDC, USDT, IOTX, PAYG, WBTC, and BUSD.
The attacker then swapped most of the tokens into ETH and bridged around 45 ETH to the Bitcoin network. This method was used to make the funds difficult to trace following the theft.
After the initial theft, the hacker minted new tokens through the compromised contracts. The report states that about $4 million in CIOTX tokens and $4.5 million in CCS tokens were created.
Security firm PeckShield confirmed the incident, stating the IoTeX Bridge was hacked for over $8 million. The firm attributed the breach to a “compromised private key.”
IoTeX has officially released a statement to acknowledge the breach and confirm the team is working to manage the situation. The platform stated that “the actual loss may be lower than the figures circulating online.”
IoTeX has shared that it is currently working with large exchanges and security teams to trace and freeze the stolen funds. Despite these assurances, IoTeX’s native token, IOTX, has fallen more than 7% within the last 24 hours.
