Summary:
- IoTeX confirms suspicious activity tied to one of its token safes
- Early reports linked the incident to a possible private key compromise and Initial analyst estimates suggested ~$4.3M in losses
- IoTeX later confirmed exploit impact is closer to ~$2M, Exchanges and security partners are assisting with tracing and freezing assets
- Network security upgrades underway, with operations expected to resume in 24-48 hours
IoTeX has confirmed that it is currently investigating unusual activity linked to one of its token safes, following alerts raised by onchain analysts earlier this week. In a post shared on X, the project acknowledged reports of suspicious movements involving the safe and stated that its internal teams were actively working to assess and contain the situation. The update noted that early estimates suggest the losses may be lower than what has been circulating publicly, while also confirming coordination with major exchanges and security partners to trace and potentially freeze compromised funds.
Shortly after the reports surfaced, IoTeX's native token experienced a sharp decline. Market data from CoinMarketCap showed that IOTX fell by more than 8% over a 24-hour period, trading near $0.0049 as concerns around the incident spread across trading venues. The development marked one of the first publicly disclosed security-related disruptions tied to an IoTeX-managed token safe, prompting further scrutiny from blockchain investigators.
Private Key Compromise Suspected in Multi-Token Drain
The response from IoTeX followed claims made by onchain investigator Specter, who indicated that a private key associated with the affected safe may have been compromised. According to the investigator's findings, the wallet was drained of multiple assets - including USDC, USDT, IOTX, and wrapped Bitcoin - with the total losses initially estimated at around $4.3 million. The stolen assets were reportedly converted into Ether, after which approximately 45 ETH was bridged into Bitcoin.
However, IoTeX recently provided an updated assessment, stating that internal data now places the total exploit impact at approximately $2 million across the affected tokens. The project also indicated that the attack appeared to be both deliberate and coordinated, describing it as a long-planned operation carried out by experienced actors targeting multiple blockchain environments. In its latest communication/announcement, IoTeX confirmed that the situation had been contained and that ongoing work with exchanges and law enforcement agencies was focused on freezing stolen assets and supporting recovery efforts where possible.
Security Upgrades Underway
Following containment of the exploit, IoTeX stated that its blockchain infrastructure is undergoing additional security hardening measures. As part of the response process, certain chain operations and deposit functions were temporarily paused. The project noted that these services are expected to resume within 24 to 48 hours, once final security upgrades are implemented and reviewed.
The decision to coordinate closely with centralized exchanges and compliance partners reflects a broader industry approach to post-incident mitigation. In cases where stolen funds are moved through identifiable platforms, timely collaboration can improve the likelihood of tracking asset flows and limiting further movement. IoTeX has also committed to sharing additional updates as the investigation progresses, emphasizing transparency with its community throughout the recovery process.
Closing Thoughts
While the full scope of the breach remains under review, the revised loss estimate and swift containment efforts suggest that the impact may be more limited than initially feared. Market participants will likely continue monitoring both technical updates and token price stability in the days ahead as operations gradually return to normal.
READ MORE: Vitalik Said "Build Something New." COTI Already Did


