Recently, nearly $1.5 billion was stolen from an exchange overnight. The news immediately triggered heated discussion and doubt across the industry, and the security of centralized exchanges was once again pushed to the forefront. On February 22, in response to users' doubts about exchange security and the security challenges currently facing the crypto industry, Huobi HTX held a themed Space on the social platform X, "Industry crisis, how to deal with it together? Is there an optimal solution for the security of the crypto industry?" During the event, Huobi HTX Global Advisor Justin Sun, two authoritative security organizations, SlowMist and GoPlus Security, and many KOLs held in-depth discussions on topics such as how retail investors should respond after a theft, how to minimize security risks, on-chain and CEX security incidents, and how CEXs should work with institutions to protect the security of funds.
Safety is a "top priority project". We must always be vigilant and keep learning.
During the live broadcast, Justin Sun said that hackers' methods are clearly evolving, from early attacks on hot wallets to attacks on multi-signature wallets. Exchanges must therefore always remain vigilant and keep improving their security protections.
In his view, security is a "top priority project". Lasting security can be achieved only by always treating the risks with respect and constantly learning the industry's latest security techniques. In addition, security is like personal health management and cannot rely entirely on external guarantees. Exchanges need to build up their internal strength before problems arise and raise their security awareness and attention, so as to remain invincible over the long term.
Justin Sun added that every business and product should take security as its core premise, which is not only a responsibility toward user assets but also the cornerstone of the industry's healthy development. TRON implemented a native multi-signature function when it was first established, and this design effectively avoided many security issues. The launch of USDD 2.0 is the result of years of in-depth observation of the stablecoin sector, accumulated technical experience, and a deep understanding of security risks. Similarly, exchanges should strengthen security mechanisms at the source, in system design and operation, to minimize the occurrence of security incidents.
SlowMist recommends that exchanges regularly conduct comprehensive security reviews covering multiple kinds of assessment, including code audits, system vulnerability scans, and smart contract assessments. They should also actively take part in security communities, industry security conferences, and similar activities to learn the latest attack and defense techniques. In addition, internal security training should be held regularly to improve the security awareness and emergency response capabilities of all employees.
In response to the controversy among community users about "CZ's suggestion to suspend withdrawals from exchanges where assets have been stolen", Justin Sun said that, from the exchange's perspective, CZ's suggestion is pertinent. He pointed out that the first few hours after assets are stolen are the key period for troubleshooting and ensuring safety. The purpose of suspending withdrawals is to completely eliminate risks, but the suspension should be kept as short as possible to reduce the impact on users.
Justin Sun called for "the entire industry, including exchanges, security agencies and communities, to work closely together to jointly respond to hacker threats through technology sharing, security innovation and information exchange, and promote the healthy and sustainable development of the industry."
Huobi HTX’s security line: a true reflection of the iceberg theory
Justin Sun admitted in the live broadcast that for Huobi HTX, which has a twelve-year history, users' sense of security is very important.
Earlier, at the "TRON & HTX DAO Exchange" in Hong Kong on February 21, Justin Sun shared his security requirements for Huobi HTX. He said that the platform must ensure the security of user assets, especially in terms of multi-signature support and security reminders, and should explore how to better prevent security issues such as label scams.
In fact, in recent years, Huobi HTX has fully upgraded its security measures and successfully implemented new features such as multi-device login, remote login, and abnormal transfer reminders. In addition, it has publicly disclosed Merkle tree asset proof data 28 times, and the reserve ratio has exceeded 100%.
According to Sun Yuchen's live broadcast, Huobi HTX has partnered with many white hat teams to comprehensively improve the platform's protection capabilities and risk response mechanisms through continuous attack and defense testing, security drills, and vulnerability discovery. At the same time, Huobi HTX actively follows crypto security incidents around the world and studies in depth the principles and methods behind hackers' attacks in order to prevent them effectively.
As Sun Yuchen said, Huobi HTX's security line of defense is a true reflection of the "Iceberg Theory". The good experience that users see on the surface is the result of the platform's tremendous efforts in places they cannot see. In the future, Huobi HTX will design its foundational security architecture from a global perspective, systematically deploy security strategies, strengthen platform security review and management, and expand security cooperation within the industry, so that this "iceberg" has a larger security foundation beneath the surface and provides a solid line of defense for users and for the entire industry.