You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Statement: Blockchain security firm’s CertiK, Peckshield and Cyvers have reported over $86.6 million in digital assets, including stablecoins, ETH, SHIB, LINK, and more, were transferred from the HECO Chain bridge to suspicious addresses. ✅
Statement: Between Heco Cross Chain Bridge and HTX the losses total approximately $87,000,000 USD. ⚠️
Source: None
Statement: ”November 22, 2023, 09:59 UTC: 1,262 ETH is transferred into wallet.⚠️
Source: None
Statement: ”November 22, 2023, 11:23 UTC:” PeckShield announces a suspicious withdrawal of 10,145 ETH. ⚠️
Source: None
Statement: ”November 22, 2023, 12:34 UTC:” Justin Sun announces via X (formally known as Twitter) deposits and withdrawals are temporarily suspended.⚠️
Source: None
Statement: ”November 22, 2023, 1:13 UTC:” Coindesk releases an article stating HTX will fully compensate for any losses originating from the exchange.⚠️
Source: None
Some Editor's Notes
In the summary section, expand the mention of "various other ERC-20 tokens" to name some specific tokens that were drained besides ETH. This provides more detail.
In the losses section, reword to "Total losses are estimated at $87 million between the Heco Cross Chain Bridge exploit and the related HTX exchange hack." This clarifies the link between the two incidents.
Standardize capitalization of "Heco" and "HTX" throughout the document.
Add sources for the specific timeline events to back up the details with evidence.
Expand on the security failure causes to provide more technical insight into the bridge vulnerability and monitoring gaps.
Statement: Blockchain security firm’s CertiK, Peckshield and Cyvers have reported over $86.6 million in digital assets, including stablecoins, ETH, SHIB, LINK, and more, were transferred from the HECO Chain bridge to suspicious addresses. ✅
Statement: Withdrawals and deposits have been temporarily suspended as the company investigates the incident, with services expected to resume after the investigation is completed. ✅
Statement: "November 22, 2023, 09:59 UTC:" 1,262 ETH is transferred into wallet.⚠️
Source: None
Explanation: The provided Etherscan transaction link is invalid and returns a 404 error. There is no evidence from the search results to verify or deny the statement about the specific ETH transfer on November 22, 2023 at 09:59 UTC. More details would be needed to fact check this claim.
Statement: "November 22, 2023, 11:23 UTC:" PeckShield announces a suspicious withdrawal of 10,145 ETH. ⚠️
Source: None
Explanation: The search results do not contain any information to verify or deny the specific statement about PeckShield announcing a suspicious 10,145 ETH withdrawal on November 22, 2023 at 11:23 UTC. More context and supporting evidence would be needed to fact check this claim.
Statement: "November 22, 2023, 12:34 UTC:" Justin Sun announces via X (formally known as Twitter) deposits and withdrawals are temporarily suspended. ✅
Statement: Blockchain security firm’s CertiK, Peckshield and Cyvers have reported over $86.6 million in digital assets, including stablecoins, ETH, SHIB, LINK, and more, were transferred from the HECO Chain bridge to suspicious addresses.
Statement: Various other ERC-20 tokens were drained, swapped for ether, and distributed to at least 8 wallets.
Source: None
Verdict: ⚠️
Statement: Withdrawals and deposits have been temporarily suspended as the company investigates the incident, with services expected to resume after the investigation is completed.
Statement: ”November 22, 2023, 09:59 UTC:" 1,262 ETH is transferred into wallet.⚠️
Source: None
Statement: ”November 22, 2023, 11:23 UTC:" PeckShield announces a suspicious withdrawal of 10,145 ETH. ⚠️
Source: None
Statement: ”November 22, 2023, 12:34 UTC:" Justin Sun announces via X (formally known as Twitter) deposits and withdrawals are temporarily suspended.⚠️
Source: None
Statement: ”November 22, 2023, 1:13 UTC:" Coindesk releases an article stating HTX will fully compensate for any losses originating from the exchange.⚠️
Source: None
Statement: ”November 22, 2023, 2:39 UTC:" Arkham posts via X they have created and funded a white hat bounty to recover the stollen funds. ⚠️
Source: None
Editor's Notes
In the Summary section, expand the first sentence to provide more context on what a blockchain security firm is.
In the Attackers section, rephrase the sentence to be more direct, such as "The attackers have not yet been identified."
In the Timeline section, standardize the formatting of links to use Markdown format rather than HTML.
Overall the content is well-written and structured logically. Just a few minor tweaks needed for clarity and consistency.
Statement: ”November 22, 2023, 12:34 UTC:" Justin Sun announces via X (formally known as Twitter) deposits and withdrawals are temporarily suspended. ✅
Statement: ”November 22, 2023, 1:13 UTC:" Coindesk releases an article stating HTX will fully compensate for any losses originating from the exchange. ✅
Statement: ”November 22, 2023, 2:39 UTC:" Arkham posts via X they have created and funded a [white hat bounty}(https://twitter.com/ArkhamIntel/status/1727335953583190229?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1727335953583190229%7Ctwgr%5E762b9e6c852b5ee31866b716515fa3f6e5bd7f37%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.fxstreet.com%2Fcryptocurrencies%2Fnews%2Fjustin-suns-htx-exchange-and-heco-suffer-85m-exploit-202311230005) to recover the stollen funds. ⚠️
Source: None
Editor's Notes
Overall the text is well-written, but there are a few minor issues:
Some typos like "stollen" instead of "stolen"
Inconsistent capitalization of headers like "security failure causes"
Missing Oxford commas in some lists
Could improve clarity by defining some terms on first use like "white hat bounty"
Statement: ”November 22, 2023, 12:34 UTC:" Justin Sun announces via X (formally known as Twitter) deposits and withdrawals are temporarily suspended. ❌
Explanation: The search results do not verify that Justin Sun announced the suspension of deposits and withdrawals on Twitter on November 22, 2023 at 12:34 UTC. The information is about a previous hack in November and an airdrop announcement.
Statement: ”November 22, 2023, 1:13 UTC:" Coindesk releases an article stating HTX will fully compensate for any losses originating from the exchange. ✅
Statement: ”November 22, 2023, 2:39 UTC:" Arkham posts via X they have created and funded a [white hat bounty}(https://twitter.com/ArkhamIntel/status/1727335953583190229?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1727335953583190229%7Ctwgr%5E762b9e6c852b5ee31866b716515fa3f6e5bd7f37%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.fxstreet.com%2Fcryptocurrencies%2Fnews%2Fjustin-suns-htx-exchange-and-heco-suffer-85m-exploit-202311230005) to recover the stollen funds. ⚠️
In the Timeline section, standardize the formatting of dates and times to be consistent. For example, use "" quotes around the dates and times.
In the Security Failure Causes section, start bullet points with verbs to create parallel structure. For example: "Compromised private keys enabling unauthorized access", "Absence of real-time monitoring to detect ongoing attack".
Review punctuation and capitalization for consistency. For example, capitalize proper names like Ethereum.
Consider adding links to provide more context around entities mentioned like PeckShield.
Statement: "November 22, 2023, 09:59 UTC:" 1,262 ETH is transferred into wallet.⚠️
Source: None
Statement: "November 22, 2023, 12:34 UTC:" Justin Sun announces via X (formally known as Twitter) deposits and withdrawals are temporarily suspended. ✅
Statement: "November 22, 2023, 1:13 UTC:" Coindesk releases an article stating HTX will fully compensate for any losses originating from the exchange. ✅
Statement: Arkham posts via X they have created and funded a [white hat bounty}(https://twitter.com/ArkhamIntel/status/1727335953583190229?ref_src=twsrc%5Etfw%7Ctwcamp%5Etweetembed%7Ctwterm%5E1727335953583190229%7Ctwgr%5E762b9e6c852b5ee31866b716515fa3f6e5bd7f37%7Ctwcon%5Es1_&ref_url=https%3A%2F%2Fwww.fxstreet.com%2Fcryptocurrencies%2Fnews%2Fjustin-suns-htx-exchange-and-heco-suffer-85m-exploit-202311230005) to recover the stollen funds. ⚠️
Overall the text provides a good summary of the attack details. Here are some suggestions for improvement:
In the Summary section, expand on what a "fundamental security failure in the bridge protocol" means. Provide more technical details or examples for readers unfamiliar with bridge architecture.
In the Timeline section, standardize the timestamp format to be more readable, e.g. "November 22, 2023 at 09:59 UTC".
In the Causes section, elaborate on what "lack of real-time monitoring" means. Were there no transaction alerts, analytics, or fraud detection systems in place?
Fix typos:
"stollen" -> "stolen"
Extra "}" in the Arkham bounty link
Use consistent capitalization. "ETH" is used instead of "Ether" in some places.
Consider adding a "References" section at the end for all cited links and sources.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.