Decentralized identity protocol IoTeX has confirmed that it is investigating unusual activity linked to one of its token vaults after onchain analysts flagged a possible security incident.
On Saturday post in X’s case, the project said its team was “fully committed, working around the clock to assess and contain the situation.” IoTeX added that initial estimates indicate the potential loss is smaller than circulating rumors, and that it was working with major exchanges and security partners to track and freeze funds linked to the attacker.
“The situation is under control. We will continue to monitor closely and provide ongoing updates to the community,” the draft said.
According to CoinMarketCap data, the price of the native IoTeX token (IOTX) dropped after the incident, with the price dropping by over 8% in 24 hours to around $0.0049.
Related: CertiK combines $63 million in Tornado Cash deposits with a $282 million portfolio compromise
The analyst claims that the compromised key cost $4.3 million
The answer came after onchain investigator Specter determined that a private key connected to the vault may have been compromised.
An onchain detective revealed that several tokens were emptied from the wallet, including USDC (USDC), USDt (USDT), IoTeX (IOTX), and wrapped Bitcoin (WBTC), with losses estimated at approximately $4.3 million. According to reports, the stolen funds were converted into Ether (ETH) and approximately 45 ETH were combined with Bitcoin.
The analyst also published addresses associated with the suspected attacker, as well as transaction records showing rapid movements on decentralized exchanges and token swaps. This action suggested an attempt to rapidly convert assets and move them between chains to complicate recovery efforts.
Related: SwapNet exploit claims up to $13.3 million from Matcha Meta users
Most crypto projects do not recover from hacks
As Cointelegraph reports, according to Web3 security leaders, nearly 80% of crypto projects affected by major breaches struggle to recover, largely due to poorly managed responses rather than direct financial damage. Immunefi CEO Mitchell Amador said many teams are unprepared for breaches, leading to delays in decision-making and penniless communication during crucial early business hours, exacerbating losses and undermining user confidence.
Even after technical fixes are implemented, reputational impacts may remain. Kerberus CEO Alex Katz noted that grave exploits often result in user withdrawals, reduced liquidity and long-term loss of credibility that projects rarely overcome.
Warehouse: How cryptocurrency regulations have changed in 2025 – and how they will change in 2026
