IoTeX offers cross-bridge hackers 10% bounty if they return $4.4 million within 48 hours

Finance Share Share this article Copy link X icon X (Twitter) LinkedIn Facebook Email IoTeX offers cross-bridge hackers 10% bounty if they return $4.4 million within 48 hours Raullen Chai, IoTeX co-founder and CEO, told CoinDesk he would not press charges if the stolen assets or its equivalent is returned within 48 hours. By Olivier Acuna | Edited by Nikhilesh De Feb 23, 2026, 9:18 p.m. Make us preferred on Google Nearly $400 million was lost to crypto exploits in January 2026 alone, according to industry estimates. (Photo by Joshua Michaels on Unsplash/Modified by CoinDesk) What to know : IoTeX is offering a 10% white-hat bounty, about $440,000, and a promise not to pursue legal action if hackers return roughly $4.4 million stolen from its ioTube cross-chain bridge within 48 hours. The Feb. 21 exploit stemmed from a compromised validator owner private key on the Ethereum side of the ioTube bridge, which IoTeX and outside experts describe as an operational security failure rather than a flaw in the Layer 1 blockchain or its smart contracts. IoTeX traced the stolen funds across chains, identified bitcoin addresses holding about 66.6 BTC, and is rolling out a mainnet upgrade with a default blacklist of malicious addresses, but experts warn that assets already swapped and bridged may be difficult or unlikely to recover. IoTeX offered a 10% white-hat bounty to the hacker or hackers who exploited a private key on its cross-chain bridge ioTube, siphoning millions of dollars, in exchange for the voluntary return of funds within 48 hours. With this move, IoTeX is offering the $440,000 if the malicious actor or actors return roughly $4.4 million they stole, according to an IoTeX X post , to which IoTeX co-founder and CEO Raullen Chai pointed “as a source of truth” on Monday. STORY CONTINUES BELOW Don't miss another story. Subscribe to the Crypto Daybook Americas Newsletter today . See all newsletters Sign me up By signing up, you will receive emails about CoinDesk products and you agree to our terms & conditions and privacy policy . Chai told CoinDesk that the team sent an onchain message offering not to pursue legal action or share identifying information with law enforcement if the remaining funds are returned. “This is regarding the ioTube bridge exploit on Feb. 21, 2026,” Chai said in the message . “All fund movements across Ethereum, IoTeX, and bitcoin have been fully traced.” The message states that exchange deposits have been flagged and frozen and offers a 10% bounty for the return of remaining funds. Chai also said IoTeX is rolling out a new chain version, Mainnet v2.3.4, requiring node operators to upgrade. The update includes a default blacklist of malicious externally owned account (EOA) addresses. “This blacklist contains a list of malicious or problematic EOA addresses that will be filtered by the node,” Chai said. The offer comes after a Feb. 21 exploit in which a compromised validator owner private key enabled unauthorized control over ioTube’s bridge contracts. IoTeX said the incident is “under control,” saying that its Layer 1 blockchain was not affected and that the breach was isolated to the Ethereum-side infrastructure of the bridge. The IOTX token fell roughly 22% following the exploit, dropping from $0.0054 to below $0.0042 before partially rebounding. Cross-chain bridges have been one of crypto’s main failure points , with several high-profile exploits in recent years. According to industry reports , more than $3.2 billion has been lost due to cross-chain bridge hacks, making them a prime target for advanced threat actors. Responsibility and key control IoTeX framed the exploit as an operational issue specific to the bridge rather than a failure of its Layer 1 network. “IoTube is IoTeX’s own cross-chain bridge built and maintained by their team,” Nick Motz, CEO of ORQO Group and CIO of Soil, told CoinDesk. “The breach came down to a compromised validator owner private key on the Ethereum side, which is fundamentally an operational security failure, not a smart contract vulnerability discovered by an outside actor.” Motz agreed that IoTeX’s Layer 1 was not compromised but said user funds were entrusted specifically to the bridge. “When you build and operate the bridge infrastructure and the key management is what fails, it’s difficult to separate yourself from that outcome,” he said. Nanak Nihal Khalsa, co-founder of human.tech, said responsibility in crypto often comes down to key custody. “Yes, whoever holds the private key is responsible for securing it,” Khalsa said. “Is that a reasonable responsibility? It’s hard to say. But that’s how the industry works right now.” He added that liability norms remain unsettled compared to traditional finance and called for stronger wallet and multisig setups to reduce similar risks. The estimates diverge On-chain analysis by security firm PeckShield estimated more than $8 million worth of assets were affected, saying the attacker swapped funds into ether (ETH) and began bridging them to bitcoin BTC $ 64,604.89 via THORChain. “The hacker has swapped the stolen funds to $ETH and has started bridging them to #BTC via #Thorchain,” the firm wrote. Another onchain investigator, Specter, said on X that “the private key of @iotex_io may have been compromised,” resulting in an estimated $4.3 million loss. “Once assets are routed through THORChain […] recovery becomes extremely difficult,” Motz said. IoTeX said it has identified four bitcoin addresses holding 66.78 BTC worth roughly $4.3 million at current prices and that the addresses are being monitored in cooperation with exchanges. A CoinDesk review of those addresses on Feb. 23 confirmed they held roughly 66.6 BTC. IoTeX did not immediately respond to CoinDesk’s request for comment. “Containment is not the same as recovery,” he added. “The assets with actual market value were swapped and bridged. Those are, in my assessment, unlikely to be recovered.” Khalsa similarly cautioned that recovery prospects are uncertain. “It’s hard to predict how much, if any, can be recovered,” he said. IoTeX revised its figure upward to approximately $4.3 million, reflecting the direct asset drain but excluding minted tokens. Motz said broader estimates may better capture the severity of the breach. “Private key compromise rather than smart contract bugs is emerging as a dominant attack vector,” Motz said, noting that such incidents target operational security rather than audited code. Before offering the 10% bounty, IoTeX said a compensation plan would be in place within the next 48 hours. Iotex Exploits Cryptocurrency More For You NEAR Launches Near.com super app, touting AI capabilities and confidential transactions By Margaux Nijkerk , AI Boost | Edited by Stephen Alpher 16 minutes ago The company is betting that the next big wave in crypto will come from its convergence with AI. What to know : NEAR is launching Near.com, a new crypto wallet and consumer app that aims to make blockchain technology feel as simple as using a traditional finance app, while positioning itself at the intersection of crypto and artificial intelligence (AI). The product was unveiled by NEAR co-founder Illia Polosukhin, who described it as part of a broader shift toward what he calls the “agentic era,” a future where AI systems don’t just provide answers, but take action on behalf of users. At its core, Near.com is designed to remove much of the friction that has long made crypto confusing for everyday users. Instead of worrying about gas fees, private keys or switching between different blockchains, users can manage their assets in one place. Read full story Latest Crypto News NEAR Launches Near.com super app, touting AI capabilities and confidential transactions 16 minutes ago Kraken’s co-CEO could trust AI with 100% of his crypto — Dragonfly’s Haseeb Qureshi isn’t convinced 17 minutes ago Crypto suffers deeper declines as AI fears send IBM plunging 11% 1 hour ago Solana Company starts building high-speed infrastructure to prepare SOL for next 'super cycle' 3 hours ago Mystery Hong Kong investor in BlackRock's bitcoin ETF breaks silence after $436 million stake sparks controversy 3 hours ago Bitcoin rebound fades as software and private equity rout drags stocks and crypto lower 4 hours ago Top Stories Trump-linked stablecoin wobbles as WLFI says it's under 'coordinated attack' 5 hours ago Anthony Pompliano led Procap Financial dips toe into buybacks 5 hours ago BitMine Immersion added $98 million of ether last week as losses balloon to more than $8 billion 7 hours ago Strategy logs 100th bitcoin purchase announcement, adding 592 coins last week for $39.8 million 7 hours ago Bitcoin ETFs bleed $3.8 billion in historic five-week outflow streak 16 hours ago Ethereum's cofounder Vitalik Buterin sells more ether while prices continues to slide 11 hours ago In this article BTC BTC $ 64,626.52 ◢ 4.44 %