en
Back to the list

Former Huobi employees jailed for stealing users’ private keys

source-logo  cryptopolitan.com 27 July 2024 09:09, UTC

Chinese police have revealed that four ex-Huobi employees have been sentenced to three years in prison for stealing over 40,000 user mnemonics and private keys.

These former employees planted Trojans in the wallets, enabling them to gather sensitive information, though the exact amount of stolen cryptocurrencies hasn’t been disclosed.

Chinese blockchain reporter Colin Wu explained that Zhang, Dong, and Liu, who worked for a company suspected to be Huobi, started their criminal activities in early March 2023.

They embedded a backdoor program into a crypto wallet software to capture user private keys. By the end of May 2023, they had stored these stolen keys and their corresponding wallet addresses.

After saving this information, they destroyed the server and database. Their plan was to use the private keys two years later to steal cryptocurrencies, hoping this delay would prevent detection.

Elaborate scheme and execution

Colin says the court documents reveal that Zhang, Dong, and Liu managed to steal more than 27,000 mnemonics and over 10,000 private keys. They successfully converted over 19,000 wallet addresses.

In April, the Xuhui District People’s Court sentenced these men to three years in prison and fined them RMB 30,000 for illegally obtaining computer information system data.

One victim, identified as Ou, wasn’t initially affected by the theft before the planned two-year wait.

However, further investigation showed that Ou’s wallet on another platform had also been compromised by Zhang. Back in 2021, he wrote code to collect user mnemonics and private keys.

For this crime, Zhang Yi received a three-year prison sentence and a fine of RMB 50,000. There is the involvement of Company A is believed to be the original Huobi Company.

In 2023, it was reported that due to Trojans set by these former employees, mnemonics and private keys of iToken (formerly Huobi wallet) users had been leaked.

HTX, the acquiring company, stated that these actions were the personal behavior of former Huobi employees before the acquisition. HTX has since cooperated with the Shanghai Public Security Bureau for investigations and collecting evidence.

cryptopolitan.com