- Airdrops are rare for centralised crypto exchanges.
- Sun is playing damage control as attackers made off with hundreds of millions worth of assets.
It’s been a wild ride for Justin Sun’s customers in the last two weeks.
After two exchanges backed by the Chinese crypto mogul, Poloniex and HTX, suffered separate exploits worth at least $238 million, Sun promised to distribute free tokens to the users.
“As HTX and Poloniex approach opening deposit and withdrawal, we will initiate an epic airdrop for users with assets,” Sun posted Friday on X, formerly Twitter.
“My deepest apologies to the users affected by the hacker attacks on HTX and Poloniex. We will cover the loss and all assets are safe,” he added.
Airdrops for CEXs
Crypto projects occasionally give free tokens to specific on-chain wallets to reward users for, say, trying out the functions of a newly-launched protocol. These are called airdrops.
While airdrops are commonplace in decentralised finance, they are virtually unheard of for centralised exchanges like Poloniex and HTX.
Poloniex wallets were drained on November 10. The attack targeted wallets connected to Ethereum, Tron, and Bitcoin.
Estimates vary as to the amount of crypto stolen.
On-chain analysis firm Certik said Poloniex had suffered an overall loss of about $132 million, while rival firm PeckShield estimated that the losses totalled roughly $125 million. On-chain data platform Arkham Intelligence put the figure at $127 million.
White hat bounty
Within an hour of the exploit, Sun tweeted that Poloniex “will fully reimburse the affected funds.” Losses could be covered by Poloniex’s operating revenue, he said.
The Tron founder publicly offered a 5% white hat bounty to the Poloniex exploiter. “We will give you seven days to consider this offer before we engage law enforcement,” he posted.
On November 18, a wallet associated with Sun by Arkham Intelligence sent an on-chain message to the attacker, saying that Poloniex had already confirmed the exploiter’s identity.
”The police forces of China, the USA, and Russia have been involved,” the message said. It further said that the white hat reward had been raised to $10 million — instead of roughly $6.3 million or $6.5 million, depending on the estimate used to determine the size of the exploit.
The message said the exploiter had until November 25 to return the stolen funds.
Freezing withdrawals
Poloniex froze customer deposits and withdrawals in the wake of the exploit on November 10, and has yet to reopen them. The company set November 30 as an official deadline to reactivate both deposits and withdrawals.
Poloniex said in its press releases that the delay in reopening withdrawals was due to the enlisting of a “top-tier security auditing firm” to secure the exchange’s infrastructure.
Poloniex declined to share the name of the firm with DL News, but said it would not push back the deadline for withdrawals. It did not confirm whether it would indeed go forward with Sun’s airdrop plan.
Simultaneous exploits
Separately from Poloniex, HTX and an affiliated piece of cross-chain infrastructure, Heco Bridge, suffered simultaneous exploits on November 22.
According to Certik, Heco Bridge was drained of about $87 million in assets, while HTX’s wallets were exploited for $26 million, bringing the losses to a total of $113 million. HTX said that $30 million had been compromised from its wallets.
Like Poloniex, HTX froze withdrawals and deposits, though Sun stated on X that all customer funds remained secure.
HTX announced on November 24 that clients would receive an “extraordinary token airdrop.” The news release said the airdrop size would be determined by users’ balances.
On the same day as the announcement, HTX reopened deposits for Bitcoin, Ethereum, and Tron tokens — though not withdrawals. The company said further details will be announced in early December.
Tom Carreras is a markets correspondent at DL News. Got a tip about HTX or Poloniex? Reach out at tcarreras@dlnews.com