Crypto Times Logo Black
Google News Follow Banner
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • DeFi News
    • Blockchain News
    • Industry
  • Exclusive
    ExclusiveShow More
    Michael Saylor’s Strategy
    Why Michael Saylor’s Strategy Is Selling Bitcoin After Years of Buying
    Anthropic’s Claude Fable 5 Crypto Hacks
    Anthropic’s Claude Fable 5: The AI That Could Supercharge Crypto Hacks and Defenses
    CLARITY Act Stalls Why Senate's August Recess Puts US Crypto Rules at Risk
    CLARITY Act Stalls: Why Senate’s August Recess Puts US Crypto Rules at Risk
    Three Stories, One Pattern Why Binance Is Having Its Worst Week Since the Pardon
    Three Stories, One Pattern: Why Binance Is Having Its Worst Week Since the Pardon
    Coinbase India Head Addresses Re-Entry Launch Glitches and the 12-Month Roadmap
    Coinbase India Head Addresses Re-Entry Launch Glitches and the 12-Month Roadmap
  • Opinion
    OpinionShow More
    The Bitcoin Treasury Blueprint What Stress Testing on Strategy Inc.’s MSTR-STRC Reveals
    The Bitcoin Treasury Blueprint: What Stress Testing on Strategy Inc.’s MSTR-STRC Reveals
    Why Wall Street is Divided Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    Why Wall Street is Divided: Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    The Arthur Hayes Paradox Macro Prophet or Market Opportunist
    The Arthur Hayes Paradox: Macro Prophet or Market Opportunist?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India's Digital Rupee Push?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India’s Digital Rupee Push?
    The CLARITY Act War Starts Jamie Dimon Vs Armstrong
    The CLARITY Act War Starts: Jamie Dimon Vs Armstrong
  • Learn
    • Explained
    • How To
    • Insights
  • Videos
  • More
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
The Crypto TimesThe Crypto Times
  • All News
  • Market
  • Bitcoin
  • Ethereum
  • Altcoins
  • Regulations & Policies
  • Blockchain
  • DeFi
  • Industry
  • Exclusive
  • Opinion
Search
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • Blockchain
    • DeFi
    • Industry
    • Exclusive
    • Opinion
  • Learn
    • Explained
    • How To
    • Insights
  • Quick Links
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
    • AI Policy
    • Sponsored & Advertorial Policy
  • Videos
  • Glossary
Follow US
© 2026 By Crypto Times. All Rights Reserved.
Industry

IoTeX Confirms $4.3M ioTube Bridge Breach, Validator Key Compromised

IoTeX said the breach was limited to ioTube’s Ethereum contracts, paused within hours, with the attacker executing 189 rapid transactions to mint and move funds across chains.

Written By Dishita Malvania
Published 2026-02-22·Updated 5 months ago
Make The Crypto Times preferred on GoogleGoogle
Share
IoTeX Confirms $4.3M ioTube Bridge Breach, Validator Key Compromised

Key Highlights

  • IoTeX confirmed a $4.3M ioTube bridge breach tied to a compromised validator key, while its Layer 1 chain and core infrastructure remained secure.
  • The attacker carried out 189 rapid transactions, minting tokens and moving funds through THORChain into multiple Bitcoin wallets.
  • On-chain analysts linked the wallet activity to earlier major hacks, including the $49M Infini exploit, pointing to a possible repeat attacker.

IoTeX, a real-world AI–focused blockchain network, has confirmed that its ioTube cross-chain bridge was breached on February 21, 2026, leading to the loss of roughly $4.3 million. The attack, which unfolded over just a few hours, was traced to a compromised validator owner’s private key on the Ethereum side of the bridge, according to the project.

The update was shared by IoTeX co-founder Raullen, who said the incident was detected quickly and contained before it could spread further. Importantly, IoTeX said the breach did not affect its Layer 1 blockchain, its consensus mechanism, or any native smart contracts.

As reported earlier by CryptoTimes, independent on-chain analyst Specter flagged the incident on X, pointing to suspicious transactions tied to the project’s treasury multisig or safe. On-chain data showed the attacker minting and transferring out assets, including USDC, USDT, IOTX, WBTC, BUSD, and other token,s before the activity was contained.

Core IoTeX Network Remained Secure

IoTeX stressed that the exploit was isolated and did not touch its core infrastructure.

“The IoTeX L1 chain, its consensus mechanism, and all native smart contracts were NOT compromised. The exploit was isolated to ioTube’s Ethereum-side bridge contracts.”

Bridge deployments connected to Binance Smart Chain, Base, and other supported networks were not affected, the team said.

Bridge Paused Within Hours of Detection

According to IoTeX, abnormal activity was spotted within hours of the attack beginning. Validators and community members coordinated to pause the ioTube bridge, limiting the damage while investigators began tracing the stolen funds on-chain.

“We detected the incident within hours, the community worked together paused the bridge to contain the damage, and have since completed a full on-chain trace of all stolen assets.”

The project said the majority of the stolen assets are now locked, frozen, or under active recovery, supported by cooperation from ecosystem partners.

A Fast-Moving, Well-Planned Attack

On-chain data that IoTeX reviewed shows this wasn’t a hit-and-run exploit. It was planned. The attacker moved fast, firing off 189 transactions one after another, grabbing control of the contracts, minting tokens, dumping them across DEXs, and bridging the funds out almost immediately.

To get the money out of Ethereum, the attacker used THORChain, swapping ETH straight into Bitcoin without touching centralized services. From there, the funds were split and pushed through a chain of wallets before landing in four separate Bitcoin addresses — the same kind of cleanup process that’s shown up in earlier major crypto hacks.

The timing of the exploit also raised eyebrows. It was launched on a Saturday morning (UTC), a period when response times from centralized entities such as stablecoin issuers and exchanges are often slower.

Possible Link to Earlier DeFi Exploits

Independent on-chain analysts have identified a funding trail linking the attacker’s wallet to the $49 million Infini stablecoin platform hack in February 2025. While no formal attribution has been made, the overlap has fueled speculation that the same group could be behind multiple high-profile bridge and DeFi exploits.

IoTeX said it is aware of the findings and continues to monitor related wallet activity.

How the Hack Happened

Based on current findings, the attacker gained access through a compromised validator owner’s private key, which allowed control over ioTube’s MintPool and TokenSafe contracts on Ethereum.

With administrative permissions in hand, the attacker minted unauthorized tokens and moved them rapidly through DeFi venues before the bridge was shut down. IoTeX emphasized that the breach was not caused by a flaw in its Layer 1 design, but by a failure in key security tied to bridge operations.

What Comes Next

IoTeX said a full post-incident report will be released once recovery efforts are complete. The ioTube bridge remains paused as the team reviews validator security practices and strengthens operational safeguards.

While most of the damage now appears contained, the incident adds to a growing list of cross-chain bridge breaches and serves as another reminder that private key security remains one of the most critical and fragile components of decentralized infrastructure.

Also Read: Sydney Police Bust $5M Crypto Scam Targeting Elderly Australians

Disclaimer: The information researched and reported by The Crypto Times is for informational purposes only and is not a substitute for professional financial advice. Investing in crypto assets involves significant risk due to market volatility. Always Do Your Own Research (DYOR) and consult with a qualified Financial Advisor before making any investment decisions.

Follow The Crypto Times on Google News to Stay Updated!      Google News

TAGGED:Artificial Intelligence (AI)Blockchain
Share This Article
Whatsapp Whatsapp LinkedIn Telegram Copy Link

Latest News

Ethereum L1 Tops Public Networks With Over $19B in Tokenized Assets
Ethereum L1 Tops Public Networks With Over $19B in Tokenized Assets
Backpack Launches 24/7 Trading for Select U.S. Stocks
Backpack Launches 24/7 Trading for Select U.S. Stocks
Why is Black Bull (ANSEM) Token Down Today
Why is Black Bull (ANSEM) Token Down Today?
Empery Digital Sells 1,400 BTC to Cut Debt, Fund Expansion
Senate Democrats Renew Calls to Probe Trump’s Crypto Holdings

Find Us on Socials

You may also like

Blockchain Association Proposes 11 Crypto Reforms to CFTC

Rep. French Hill Pushes CLARITY Act in New York Field Hearing

Rep. French Hill Pushes CLARITY Act in New York Field Hearing

CFTC’s Selig States Like NY Prove Need for Crypto Clarity

CFTC’s Selig: States Like NY Prove Need for Crypto Clarity

Custodia Bank Officially Takes Crypto Fight Against Fed to U.S. Supreme Court

Custodia Bank Officially Takes Crypto Fight Against Fed to U.S. Supreme Court

The Crypto Times Logo PNG

Providing real-time, accurate Crypto reporting. Your trusted source for Crypto News and Research.

Stay Updated

All News
Exclusive
Opinions
Learn
Videos
Glossary

Company

About Us
Our Authors
Editorial Policy
AI Policy
Advertorial Policy

Get In Touch

Contact Us
Career

Find Us on Socials

X-twitter Linkedin Telegram Youtube Instagram

© 2026 The Crypto Times | A BITROCK TECHNOLOGIES L.L.C. Company.

DMCA.com Protection Status
  • Terms and Conditions
  • Disclaimer
  • Privacy Policy
  • Cookie policy
Do Not Sell or Share My Personal Information