TechFlow News: On February 24, according to CoinDesk, IoTeX offered a 10% white-hat bounty (approximately $440,000) to the hacker who stole funds from its cross-chain bridge ioTube, on the condition that the hacker returns the roughly $4.4 million in stolen funds within 48 hours. Raullen Chai, Co-Founder and CEO of IoTeX, stated that no legal action would be taken if the funds are returned.
According to the report, the attack occurred on February 21 and stemmed from a leak of validator private keys on the Ethereum side of the ioTube bridge—an operational security failure, as described by experts, rather than a flaw in the Layer 1 blockchain or smart contracts. IoTeX has traced the flow of stolen funds and identified a Bitcoin address holding approximately 66.6 BTC. Additionally, IoTeX has rolled out a mainnet upgrade that, by default, includes malicious addresses in a blacklist. However, experts warn that assets already swapped or bridged across chains may be difficult to recover.
