IoTeX, the real-world AI focused blockchain network, appears to have suffered a major security breach. On-chain investigators have reported that an attacker gained unauthorized access to its TokenSafe contract and drained roughly $4.3 million in various cryptocurrencies.
An independent on-chain analyst Specter flagged the incident on X shortly after it unfolded, pointing to suspicious transactions from the project’s treasury multisig or safe. The attacker reportedly minted and transferred out assets including substantial holdings of USDC, USDT, IOTX (IoTeX’s native token), WBTC, BUSD, and others.
On-chain data shows that funds were quickly swapped into Ethereum (ETH) via decentralized exchanges like Uniswap, after which approximately 45 ETH were bridged over to Bitcoin addresses.
Two Bitcoin wallets tied to the movement have been publicly identified as 1PN2Bo…yYEc and 135oSa…o1DG1Aw. The Ethereum address that received the initial minted and drained tokens is listed as 0x6487…7eD442f.
Later updates from security watchers and analysts indicated the compromise extended further. The attacker allegedly exploited control over related contracts to mint an additional 111 million CIOTEX tokens, significantly inflating the total estimated damage when valued.
IoTeX issues statement
IoTeX acknowledged reports of suspicious activity and shared that it was working to assess and fix the situation. The team also addressed rumors about the loss amount being higher than $4.3M, “Initial estimates indicate the potential loss is significantly lower than circulating rumors suggest. We have already coordinated with major exchanges and security partners, which are actively assisting in tracing and freezing the hacker’s assets.”
The team concluded the post by saying that the situation is “under control” and promised more community updates soon.
Also read: Sydney Police Bust $5M Crypto Scam Targeting Elderly Australians
