HTX Ex-Employees Sentenced to 3 Years for Stealing 27,000 Mnemonics and 10,000 User Private Keys

HTX Huobi
Last updated:
Journalist
Journalist
Hassan Shittu
About Author

Hassan, a Cryptonews.com journalist with 6+ years of experience in Web3 journalism, brings deep knowledge across Crypto, Web3 Gaming, NFTs, and Play-to-Earn sectors. His work has appeared in...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships. Read more

In a recent revelation, Chinese police disclosed that four former employees of HTX (formerly Huobi) were involved in implanting Trojans in cryptocurrency wallets, resulting in the theft of over 40,000 user mnemonics and private keys.The individuals responsible have been sentenced to three years in prison, although the specific amount of stolen cryptocurrencies remains undisclosed.

Ex-Employees of Company A Sentenced for Stealing Virtual Currency Data with Backdoor Program

The case came to light in May 2023 when citizen Ou discovered that his virtual currency, worth millions of RMB, had vanished from his account after checking it at a coffee shop.Upon investigation, Ou found that his virtual currency had been stolen a month prior.By analyzing the wallet software, Ou identified a backdoor program that automatically obtained wallet addresses and private keys. In August 2023, Ou reported the incident to the Xuhui Public Security Bureau, leading to the arrest of suspects Zhang, Dong, and Liu, who were all former Company A employees.The arrested individuals confessed to adding a backdoor program to the wallet software in early March 2023 to steal users’ private keys. Liu wrote the backdoor program, Dong purchased the server and domain name and encrypted the stolen data, and Zhang set up the server and database.The backdoor program activated five days after installation, uploading private keys, mnemonics, and other data to a designated database.After gathering this data, they destroyed the server and database at the end of May 2023, planning to use the stolen keys to access virtual currencies two years later. Despite their plans, they were arrested three months later.The investigation revealed that the trio had not yet used the stolen data to transfer virtual currencies, including Ou’s. However, they had collected over 27,000 mnemonics and more than 10,000 private keys, converting more than 19,000 digital wallet addresses. The Xuhui District People’s Procuratorate charged them with illegally obtaining computer information system data.In April 2024, the Xuhui District People’s Court sentenced Liu, Zhang, and Dong to three years in prison and fined them RMB 30,000 each.

However, the unavailability of Ou’s funds led to further investigation.

Former HTX Employee Sentenced for Virtual Currency Theft Amid Rising Crypto Hacks

Further investigation led to the arrest of another individual, Zhang Yi, a former employee of HTX.Zhang Yi had embedded a similar backdoor in the virtual wallet software of another platform in July 2021.He used this to collect private keys and mnemonics, which he sent to his email. In April 2023, facing financial pressure, Zhang Yi used Ou’s stolen private key to transfer all his virtual currency and convert it to other digital assets.Zhang Yi had illegally obtained more than 6,400 user private keys and mnemonics. Following his confession and partial compensation to Ou, Zhang Yi was sentenced to three years in prison and fined RMB 50,000 by the Xuhui District People’s Court in April 2024 for the crime of illegally obtaining computer information system data.

According to Wu Blockchain, Company A is suspected to be the original Huobi Company.

In 2023, Wu reported that, due to Trojans set by former employees, the mnemonics or private keys of some users of iToken (the original Huobi wallet) had been leaked.

HTX responded that it was the personal behavior of former Huobi employees before the acquisition to set up Trojans and steal other people’s mnemonics and private keys.

HTX stated that it cooperated with the Shanghai Public Security Bureau to conduct investigations and gather evidence.

Crypto losses from hacks and scams more than doubled in Q2 2024, totaling over $572 million, compared to $220 million in Q2 2023, reports Immunefi. Centralized exchange hacks were the primary contributors.

Despite a 23% reduction in Q1 and continued declines in April and most of May, losses spiked at the end of May and June.

The largest loss was the $305 million Bitcoin theft from DMM on May 31, followed by the $55 million BtcTurk hack on June 22. These two incidents accounted for over 62% of the total losses for the quarter.

More Articles

Altcoin News
SEC Sues Helium Network Creator Nova Labs Ahead of Gary Gensler’s Exit as Chair
Ruholamin Haqshanas
Ruholamin Haqshanas
2025-01-19 13:48:07
Ethereum News
Vitalik Buterin Unveils Leadership Overhaul at Ethereum Foundation to Boost Technical Focus
Ruholamin Haqshanas
Ruholamin Haqshanas
2025-01-19 13:44:32
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors