en
Back to the list

IoTeX Bridge Hacked for $8.8M via Private Key Exploit, IOTX Price Dips

source-logo  coinpedia.org 2 h
image
Story Highlights

  • A private key exploit gave the attacker control over IoTeX's TokenSafe and MinterPool contracts, draining $4.3M in crypto assets.

  • The hacker didn't stop at draining tokens, minting millions more in CIOTX and CCS to push total losses toward $9M.

  • IoTeX says the actual damage is "significantly lower" than reported, but on-chain data tells a different story.

IoTeX’s cross-chain bridge was hit by a private key exploit on February 21, draining over $8 million in crypto assets and sending the $IOTX token tumbling. The attack, which unfolded between 7 and 9 AM UTC, gave the hacker control over IoTeX’s TokenSafe and MinterPool contracts.

On-chain analyst Specter was among the first to flag the breach, reporting that the attacker drained $4.3 million in tokens including USDC, USDT, $IOTX, PAYG, WBTC, and BUSD. The stolen assets were quickly swapped to $ETH, with approximately 45 $ETH bridged to the Bitcoin network.

But that was only part of the damage.

Attacker Minted Millions in CIOTX and CCS Tokens

Beyond the initial drain, the hacker exploited the compromised contracts to mint $4 million in CIOTX tokens and $4.5 million in CCS, pushing total estimated losses toward $9 million.

Blockchain security firm PeckShield confirmed the exploit on X, writing: “The IoTeX Bridge has been hacked for over $8M worth of crypto due to a compromised private key. The hacker has swapped the stolen funds to $ETH and has started bridging them to $BTC via THORChain.”

#PeckShieldAlert The IoTeX[.]io Bridge @iotex_io has been hacked for over $8M worth of crypto due to a compromised private key.

The hacker has swapped the stolen funds to $ETH and has started bridging them to #$BTC via #Thorchain. pic.twitter.com/uNWHzahk4F

— PeckShieldAlert (@PeckShieldAlert) February 21, 2026

Three attacker addresses have been publicly identified so far.

IoTeX Says Actual Losses Are Lower

IoTeX confirmed the breach by 10:30 AM UTC and pushed back on the circulating estimates. The team stated that “initial estimates indicate the potential loss is significantly lower than circulating rumors suggest.”

The company added that it has “already coordinated with major exchanges and security partners, which are actively assisting in tracing and freezing the hacker’s assets.”

We are aware of recent reports regarding suspicious activity involving an IoTeX token safe. Our team is fully engaged, working around the clock to assess and contain the situation.

Initial estimates indicate the potential loss is significantly lower than circulating rumors…

— IoTeX (@iotex_io) February 21, 2026

$IOTX Price Reacts to the Exploit

$IOTX is currently trading near $0.0049, down 9.2% over the last 24 hours, with daily volume surging over 507%.

This incident follows a rough stretch for cross-chain bridges in 2026. Just three weeks ago, CrossCurve lost $3 million in a separate bridge exploit, and January alone saw nearly $400 million in total crypto thefts industry-wide.

IoTeX says the situation is “under control” and has promised continued updates. Analysts are now watching whether the frozen funds can be recovered before the attacker moves them further.

coinpedia.org