IoTeX, a Layer-1 blockchain that connects real-world devices to crypto applications, suffered a security breach after attackers compromised a private key linked to its token safe and bridge infrastructure.
Early reports from blockchain security researchers estimated losses of more than $8 million. However, IoTeX later said confirmed losses are around $2 million, much lower than initial estimates.
Hack Allowed Attacker to Move Funds Across Blockchains
The team said it has contained the incident and is working with exchanges and law enforcement to trace and freeze stolen funds. The attack happened after a private key was compromised.
In this case, the attacker used the key to move funds from IoTeX’s token safe. Security researchers said the attacker quickly swapped stolen tokens into ETH and then moved them toward BTC using cross-chain services.
This method helps attackers hide their tracks. Once funds move across multiple blockchains, recovery becomes harder.
However, investigators have not yet confirmed how the private key was stolen. It remains unclear whether the key was exposed through human error, software vulnerability, or another method.
Meanwhile, the market reacted quickly. The IOTX token fell about 9%. The chart shows a sharp drop after news of the hack spread, followed by unstable trading.
IoTeX Says Chain Is Secure and Losses Are Limited
IoTeX said it has secured the chain and contained the threat. The team confirmed that stolen assets include USDC, USDT, IOTX, and WBTC.
Importantly, IoTeX said the core blockchain itself was not hacked. Instead, the attacker targeted a token safe or bridge component connected to the network.
IoTeX is a blockchain network launched in 2019. It allows devices such as sensors, trackers, and machines to connect directly to blockchain applications.
The network uses its native token, IOTX, to pay fees and run applications. It also supports bridges that allow users to move crypto between IoTeX and other blockchains like Ethereum.
These bridge systems often hold large amounts of funds, making them a common target for hackers.