Four former employees of Huobi have been sentenced to three years in prison by Chinese authorities for stealing over 40,000 user mnemonics and private keys.
This significant breach of trust involved planting Trojans in wallets to gather sensitive information, although the amount of stolen cryptocurrencies remains undisclosed.
Elaborate scheme uncovered
Chinese blockchain reporter Colin Wu disclosed that Zhang, Dong, and Liu, who worked for a company believed to be Huobi, initiated their criminal activities in early March 2023. They embedded a backdoor program into a crypto wallet software to capture user private keys. By the end of May 2023, they had stored these stolen keys and their corresponding wallet addresses. After collecting this information, they destroyed the server and database, planning to use the private keys two years later to steal cryptocurrencies, hoping this delay would prevent detection.
Court documents revealed that Zhang, Dong, and Liu managed to steal over 27,000 mnemonics and over 10,000 private keys. They successfully converted over 19,000 wallet addresses. In April, the Xuhui District People’s Court sentenced them to three years and fined them RMB 30,000 for illegally obtaining computer information system data.
Impact on victims
One victim, identified as Ou, initially appeared unaffected by the theft before the planned two-year wait. However, further investigation showed that Zhang had also compromised Zhang’s wallet on another platform. In 2021, Zhang had written code to collect user mnemonics and private keys. Zhang Yi received a three-year prison sentence and a fine of RMB 50,000 for this crime.
The involvement of Company A, believed to be the original Huobi Company, played a crucial role in the investigation. In 2023, reports emerged that the users’ mnemonics and private keys of iToken (formerly Huobi wallet) had been leaked due to Trojans set by these former employees. This significant breach caused substantial concern among users and the cryptocurrency community.
HTX, the acquiring company, clarified that these actions were the personal behavior of former Huobi employees before the acquisition. HTX has since cooperated with the Shanghai Public Security Bureau to investigate and collect evidence. This collaboration aims to ensure that such breaches do not occur in the future and that user trust is restored.
HTX’s statement emphasized their commitment to maintaining security and transparency in their operations. The company has taken steps to enhance its security protocols and prevent similar incidents. This includes stricter monitoring of employee activities and implementing advanced security measures to protect user data.
Court verdict and future implications
The sentencing of these former employees sends a strong message about the consequences of violating trust and engaging in illegal activities. It highlights the importance of robust security measures and the need for companies to monitor and update their systems to safeguard user data continuously.
This case also underscores the need for users to remain vigilant and take necessary precautions to protect their private keys and mnemonics. Users are advised to use trusted wallets and enable additional security features like two-factor authentication to enhance the safety of their assets.
The Huobi incident serves as a reminder of the potential risks in the cryptocurrency industry and the importance of ongoing efforts to improve security standards. By addressing these challenges, companies can build a safer and more trustworthy environment for their users.