Iotex Hit By Private Key Exploit, Attacker Drains Over $2 Million

What Happened

A private key exploit gave an attacker control of IoTeX’s TokenSafe and MinterPool contracts on February 21. Eventually, the hackers drained an estimated $2 million in crypto assets, sending IOTX down by over 9%.

IoTeX confirmed the situation is “under control,” and the exploit impact is around $2 million USD. But some on-chain analysts suggest total losses could reach $8 million.

The attack unfolded between 7 and 9 AM UTC on February 21, giving the hacker full access to IoTeX’s TokenSafe and MinterPool contracts via a compromised private key.

The hackers swapped the Stolen funds to ETH and bridged approximately 45 ETH to Bitcoin via THORChain.

The hacker also drained 9.3 million CCS tokens worth roughly $4.5 million, pushing total estimated losses toward $8.8 million, as per Specter.

The post IoTeX Hit by Private Key Exploit, Attacker Drains Over $2 Million appeared first on BeInCrypto.

Market Context

Why it matters:

IOTX holders face direct losses as the token fell roughly 9.2% to $0.0049, according to CoinGecko data.

Why It Matters

IoTeX co-founder Raullen Chai stated on X that exchanges are cooperating to freeze related addresses. The IoTeX chain is expected to resume in 24–48 hours.

Details

The attacker used THORChain to bridge stolen ETH to Bitcoin, complicating efforts by exchanges and security partners to freeze the funds.

The details:

On-chain analyst Specter flagged the breach first, reporting $4.3 million drained in USDC, USDT, IoTeX (IOTX), WBTC, PAYG, and BUSD.