In a recent revelation, it was discovered that four former employees of HTX, previously known as Huobi, had implanted Trojans in cryptocurrency wallets, resulting in the theft of over 40,000 user mnemonics and private keys. The individuals involved in this crime have been sentenced to three years in prison, although the specific amount of stolen cryptocurrencies remains undisclosed. The case came to light when a citizen discovered that his virtual currency had been stolen from his account, leading to an investigation that uncovered a backdoor program within the wallet software.
The arrested individuals confessed to adding a backdoor program to the wallet software in early March 2023 with the intent of stealing users’ private keys. They gathered a significant amount of data, including over 27,000 mnemonics and more than 10,000 private keys, converting more than 19,000 digital wallet addresses. The individuals planned to use the stolen keys to access virtual currencies in the future but were apprehended before doing so. The Xuhui District People’s Court sentenced the individuals to three years in prison and imposed fines on each of them for illegally obtaining computer information system data.
Further investigation led to the discovery of another former employee, Zhang Yi, who had embedded a similar backdoor in the virtual wallet software of another platform to collect private keys and mnemonics. Facing financial pressures, Zhang Yi used stolen private keys to transfer virtual currency and convert it to other digital assets. He was sentenced to three years in prison and fined by the Xuhui District People’s Court for illegally obtaining computer information system data. These incidents shed light on the rising trend of cryptocurrency hacks and scams, with losses more than doubling in Q2 2024 compared to the previous year.
The involvement of former employees in these criminal activities highlights the potential risks associated with insider threats within the cryptocurrency industry. The use of Trojans and backdoors to steal user data and access virtual currencies underscores the importance of vigilance and security measures to protect against such attacks. Cryptocurrency users and companies must remain cautious and implement robust security protocols to safeguard their digital assets from theft and unauthorized access. The significant increase in crypto losses from hacks and scams in recent years emphasizes the need for enhanced cybersecurity measures and regulatory oversight in the evolving landscape of digital currencies.
HTX, the company where the former employees were previously employed, responded to the incident by cooperating with authorities to investigate and gather evidence. The company attributed the actions of the former employees to personal behavior before their acquisition and emphasized its commitment to maintaining the security and integrity of its platform. The collaboration with law enforcement agencies in identifying and apprehending those responsible for the thefts demonstrates the importance of proactive measures in addressing cybersecurity threats in the cryptocurrency sector. Despite the challenges posed by insider threats and criminal activities, efforts to enhance security measures and enforce regulations can help mitigate the risks associated with digital asset theft and fraud.
